cnfs-cognito 0.0.1.alpha1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: e2380c60fb607f73af8375a2c5d68f28ce9760e423bfdc52143931342696c29d
+  data.tar.gz: 1af8136e3a110ec001a98437257acdb3be0a2cadda59befa99f95992ccf6f609
+SHA512:
+  metadata.gz: ee571566b474f16df473fe00029d019a29e30b0da691524199aec6c84db9b50b29c460402636838c7e59415bde774827adce192810c253c5c4aa887b5a6d715e
+  data.tar.gz: e1375e02d3f5f77b01eac33b6ecc89c34df931c9bc504dda3fe117dbe4ca5b3e9189f42b842031f5940d888c18cf1879ca36fe6379aa8ec844666e0081658564

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2019 Robert Roach
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,28 @@
+# Ros::Cognito
+Short description and motivation.
+
+## Usage
+How to use my plugin.
+
+## Installation
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'ros-cognito'
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+```bash
+$ gem install ros-cognito
+```
+
+## Contributing
+Contribution directions go here.
+
+## License
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Ros::Cognito'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path('spec/dummy/Rakefile', __dir__)
+load 'rails/tasks/engine.rake'
+
+load 'rails/tasks/statistics.rake'
+
+require 'bundler/gem_tasks'

data/app/controllers/chown_requests_controller.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class ChownRequestsController < Cognito::ApplicationController
+end

data/app/controllers/chown_results_controller.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class ChownResultsController < Cognito::ApplicationController
+end

data/app/controllers/cognito/application_controller.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module Cognito
+  class ApplicationController < ::ApplicationController
+  end
+end

data/app/controllers/endpoints_controller.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class EndpointsController < Cognito::ApplicationController
+end

data/app/controllers/identifiers_controller.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class IdentifiersController < Cognito::ApplicationController
+end

data/app/controllers/login_controller.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+class LoginController < ApplicationController
+  # TODO: Move payload to LoginController Spec
+  # {
+  #   "data": {
+  #     "type": "login",
+  #     "attributes": {
+  #       "primary_identifier": "f92a8503-7b33-42b0-939d-5f948d5422ac"
+  #     }
+  #   }
+  # }
+
+  def create
+    # Get the user from the payload
+    json = request.body.read
+    # TODO: use controller concern jsonapi_params
+    pi = JSON.parse(json)['data']['attributes']['primary_identifier']
+
+    unless (user = User.find_by(primary_identifier: pi))
+      # TODO: Create a controller concern method and use that to render
+      # It should take the status (401), code (:unauthorized) and the title as params
+      # title param if nil defaults to code.to_s.capitalize
+      render(status: :unauthorized, json: { errors: [{ status: '401', code: :unauthorized, title: 'Unauthorized' }] })
+      return
+    end
+
+    # Add the 'sub_cognito' claim to the JWT and set the header
+    current_jwt.add_claims('sub_cognito' => user.to_urn)
+    current_jwt.add_claims('act_cognito' => user)
+
+    # Render some body back to the client
+    # TODO: Use controller concern serialize_resource to render
+    render(status: :ok, json: { 'data': [{
+             'type': 'login',
+             'id': user.id,
+             'attributes': {
+               'jwt': current_jwt.encode
+             },
+             'links': {
+               'self': 'http://example.com/things/1'
+             }
+           }] })
+  end
+end

data/app/controllers/metabase_cards_controller.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class MetabaseCardsController < Cognito::ApplicationController
+end

data/app/controllers/metabase_token_controller.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+class MetabaseTokenController < Cognito::ApplicationController
+  DEFAULT_TYPE = 'question'
+
+  before_action :identify_resource, only: :show
+
+  def show
+    tokenizer = Metabase::TokenGenerator.new(payload: payload, expiry: params[:expiry])
+    if tokenizer.valid?
+      render json: { token: tokenizer.token }, root: :data
+    else
+      render json: { errors: tokenizer.errors.messages }, status: :unprocessable_entity
+    end
+  end
+
+  private
+
+  def payload
+    type = params.delete(:type) || DEFAULT_TYPE
+
+    {
+      resource: { type => params[:id].to_i },
+      params: payload_params
+    }
+  end
+
+  def payload_params
+    options = { tenant: Apartment::Tenant.current }
+    return options if params[:params].blank?
+
+    options.merge(params[:params].to_unsafe_h.deep_symbolize_keys)
+  end
+
+  def identify_resource
+    return params if /^\d+$/.match?(params[:id])
+
+    card = MetabaseCard.find_by(identifier: params[:id])
+    if card.nil?
+      render json: { errors: 'Card not found' }, status: :not_found
+      return
+    end
+
+    params[:id] = card.card_id
+  end
+end

data/app/controllers/pools_controller.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+class PoolsController < Cognito::ApplicationController
+  def create
+    res = PoolCreate.call(params: create_params, user: context[:user])
+    if res.success?
+      render json: json_resource(resource_class: PoolResource, record: res.model, context: context), status: :created
+    else
+      resource = ApplicationResource.new(res, nil)
+      handle_exceptions JSONAPI::Exceptions::ValidationErrors.new(resource)
+    end
+  end
+
+  private
+
+  def create_params
+    # TODO: Think of the proper pattern for this
+    creatable_fields = PoolResource.creatable_fields(context) + [:base_pool_id, { segments: {} }]
+    jsonapi_params.permit(creatable_fields)
+  end
+end

data/app/controllers/users_controller.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class UsersController < Cognito::ApplicationController
+end

data/app/models/chown_request.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class ChownRequest < Cognito::ApplicationRecord
+  has_many :chown_results
+
+  after_commit :create_chown_results, on: :create
+
+  private
+
+  def create_chown_results
+    ChownRequestProcess.call(id: id, from_ids: from_ids, to_id: to_id)
+  end
+end

data/app/models/chown_result.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class ChownResult < Cognito::ApplicationRecord
+  belongs_to :chown_request
+
+  after_commit :spawn_chown_jobs, on: :create
+
+  private
+
+  def spawn_chown_jobs
+    Ros::ChownJob.set(queue: "#{service_name}_default")
+                 .perform_later(from_id: from_id, to_id: to_id, chown_result_id: id)
+  end
+end

data/app/models/cognito/application_record.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Cognito
+  class ApplicationRecord < ::ApplicationRecord
+    self.abstract_class = true
+  end
+end

data/app/models/endpoint.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class Endpoint < Cognito::ApplicationRecord
+  belongs_to_resource :target, polymorphic: true
+  # api_belongs_to :user, class_name: 'Ros::IAM::User'
+end

data/app/models/identifier.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Identifier < Cognito::ApplicationRecord
+  belongs_to :user
+end

data/app/models/metabase_card.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class MetabaseCard < Cognito::ApplicationRecord
+  validates :card_id, presence: true, uniqueness: true
+  validates :identifier, presence: true, uniqueness: true
+end

data/app/models/platform_event_consumer.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class PlatformEventConsumer
+  # Includes cross service event consumer functionality, e.g. 'process_document'
+  # include Ros::PlatformEventConsumerConcern
+
+  # Here include event consumer functionality specific to this service
+end

data/app/models/pool.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class Pool < Cognito::ApplicationRecord
+  has_many :user_pools
+  has_many :users, through: :user_pools
+end

data/app/models/tenant.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Tenant < Cognito::ApplicationRecord
+  include Ros::TenantConcern
+end

data/app/models/user.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+class User < Cognito::ApplicationRecord
+  attribute :anonymous, :boolean, default: false
+
+  enum gender: { male: 'm', female: 'f', other: 'o' }
+
+  has_many :user_pools
+  has_many :pools, through: :user_pools
+
+  scope :birth_day, ->(date) { where("TO_CHAR(birthday, 'DD-MM') = TO_CHAR(DATE(?), 'DD-MM')", date) }
+  scope :birth_month, ->(date) { where("TO_CHAR(birthday, 'MM') = TO_CHAR(DATE(?), 'MM')", date) }
+
+  def self.reset
+    UserPool.delete_all
+    Pool.delete_all
+    User.delete_all
+  end
+
+  def self.file_fingerprint_attributes
+    column_names + %i[pool_name]
+  end
+
+  def self.load_document(file_name, column_map = nil, create = false)
+    processed_count = 0
+    column_map ||= default_headers
+    column_map = column_map.invert.symbolize_keys.invert
+    CSV.foreach(file_name, headers: true, header_converters: ->(name) { column_map[name] }) do |row|
+      if create
+        pool = Pool.find_or_create_by(name: row[:pool_name])
+        # row[:phone_number] = "+#{row[:phone_number]}"
+        row = row.to_h.except(:pool_name)
+        user = User.find_or_create_by(primary_identifier: row[:primary_identifier])
+        user.update(row.slice(:title, :last_name, :phone_number, :birthday, :gender))
+        processed_count += 1
+        pool.users << user
+      else
+        Rails.logger.debug "title: #{row[:title]} phone_number: #{row[:phone_number]} " \
+          "last_name: #{row[:last_name]} id: #{row[:primary_identifier]} pool: #{row[:pool_name]}"
+      end
+    end
+    processed_count
+  end
+
+  def self.default_headers
+    { 'Salutation' => :title, 'Last Name' => :last_name, 'Mobile' => :phone_number,
+      'Unique Number' => :primary_identifier, 'Campaign Code' => :pool_name,
+      'Birthday' => :birthday, 'Gender' => :gender }
+  end
+end

data/app/models/user_pool.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class UserPool < ApplicationRecord
+  belongs_to :user
+  belongs_to :pool
+end

data/app/operations/chown_request_process.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+class ChownRequestProcess < Ros::ActivityBase
+  # - {id} ChownRequest id
+  # - {from_ids} list of user ids to merge
+  # - {to_id} Final user id to receive all the data
+
+  # TODO: Needs improvement
+  # - Ensure that user id is confirmed while all the other users are not
+  # confirmed
+  # - Which permissions should this require?
+  # - For now, requesting user (identified via token), has to match the
+  # id passed in the params
+
+  step :create_chown_results
+
+  private
+
+  def create_chown_results(_ctx, id:, from_ids:, to_id:, **)
+    from_ids.each do |from_id|
+      %w[game instant-outcome voucher-service outcome].each do |service|
+        ChownResult.create(chown_request_id: id, service_name: service,
+                           from_id: from_id, to_id: to_id, status: 'pending')
+      end
+    end
+  end
+end

data/app/operations/pool_create.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+class PoolCreate < Ros::ActivityBase
+  step :check_permission
+  failed :not_permitted, Output(:success) => End(:failure)
+  step :should_be_segmented?, Output(:failure) => Id(:create_regular_pool), Output(:success) => Id(:find_base_pool)
+  step :create_regular_pool, Output(:success) => End(:success), Output(:failure) => End(:failure)
+
+  step :find_base_pool
+  failed :base_pool_not_found, Output(:success) => End(:failure)
+  step :apply_segment
+  failed :fail_to_apply_segment, Output(:success) => End(:failure)
+  step :create_pool
+  failed :pool_not_created, Output(:success) => End(:failure)
+  step :add_users_to_pool
+
+  def check_permission(_ctx, user:, **)
+    PoolPolicy.new(user, Pool.new).create?
+  end
+
+  def not_permitted(_ctx, errors:, **)
+    errors.add(:user, 'not permitted to create a pool')
+  end
+
+  def should_be_segmented?(_ctx, params:, **)
+    params.key?(:base_pool_id) && params.key?(:segments)
+  end
+
+  def create_regular_pool(ctx, params:, **)
+    ctx[:model] = Pool.create(params)
+  end
+
+  def find_base_pool(ctx, params:, **)
+    ctx[:base_pool] = Pool.find(params[:base_pool_id])
+  end
+
+  def base_pool_not_found(_ctx, errors:, params:, **)
+    errors.add(:base_pool, "Can't find base pool with id: #{params[:base_pool_id]}")
+  end
+
+  def apply_segment(ctx, base_pool:, params:, **)
+    segment_result = SegmentsApply.call(users: base_pool.users, segments: params[:segments])
+    return false unless segment_result.success?
+
+    ctx[:users] = segment_result.model
+  end
+
+  def fail_to_apply_segment(_ctx, errors:, **)
+    errors.add(:users, 'Failed to apply segment')
+  end
+
+  def create_pool(ctx, **)
+    ctx[:model] = Pool.create(name: "temporary_pool_#{SecureRandom.hex}", system_generated: true)
+  end
+
+  def pool_not_created(_ctx, errors:, **)
+    errors.add(:pool, "Can't create temporary pool")
+  end
+
+  def add_users_to_pool(_ctx, model:, users:, **)
+    return true if users.empty?
+
+    model.users << users
+  end
+end