decidim-ub 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/LICENSE-AGPLv3.txt +661 -0
- data/README.md +51 -0
- data/Rakefile +38 -0
- data/app/commands/decidim/ub/sync_user.rb +41 -0
- data/app/controllers/concerns/decidim/devise_authentication_methods.rb +11 -0
- data/app/forms/decidim/ub/verifications/ub.rb +33 -0
- data/app/forms/decidim/ub/verifications/ub_ant.rb +11 -0
- data/app/forms/decidim/ub/verifications/ub_est.rb +11 -0
- data/app/forms/decidim/ub/verifications/ub_pas.rb +11 -0
- data/app/forms/decidim/ub/verifications/ub_pdi.rb +11 -0
- data/app/forms/decidim/ub/verifications/ub_pex.rb +11 -0
- data/app/helpers/decidim/ub/omniauth_helper_override.rb +19 -0
- data/app/jobs/decidim/ub/auto_verification_job.rb +55 -0
- data/app/jobs/decidim/ub/omniauth_user_sync_job.rb +24 -0
- data/app/models/concerns/decidim/ub/user_override.rb +19 -0
- data/app/packs/entrypoints/decidim_ub.js +2 -0
- data/app/packs/images/ub_logo.svg +2401 -0
- data/config/assets.rb +8 -0
- data/config/i18n-tasks.yml +7 -0
- data/config/locales/ca.yml +31 -0
- data/config/locales/en.yml +31 -0
- data/config/locales/es.yml +31 -0
- data/db/migrate/20240709154301_add_ub_roles_to_users.rb +7 -0
- data/lib/decidim/ub/engine.rb +57 -0
- data/lib/decidim/ub/test/factories.rb +3 -0
- data/lib/decidim/ub/version.rb +10 -0
- data/lib/decidim/ub.rb +36 -0
- data/lib/generators/decidim/app_templates/test/initializer.rb +11 -0
- data/lib/omniauth/strategies/ub.rb +43 -0
- data/lib/omniauth/ub.rb +3 -0
- metadata +118 -0
data/config/assets.rb
ADDED
@@ -0,0 +1,31 @@
|
|
1
|
+
---
|
2
|
+
ca:
|
3
|
+
decidim:
|
4
|
+
authorization_handlers:
|
5
|
+
ub_ant:
|
6
|
+
explanation: Verifica't com a antic alumne
|
7
|
+
name: Antic alumne (ANT)
|
8
|
+
ub_est:
|
9
|
+
explanation: Verifica't com a alumne
|
10
|
+
name: Alumne (EST)
|
11
|
+
ub_pas:
|
12
|
+
explanation: Verifica't com a personal administratiu/servicis
|
13
|
+
name: Personal administratiu/servicis (PTGAS)
|
14
|
+
ub_pdi:
|
15
|
+
explanation: Verifica't com a professor
|
16
|
+
name: Professor (PDI)
|
17
|
+
ub_pex:
|
18
|
+
explanation: Verifica't com a personal extern
|
19
|
+
name: Personal extern (PEX)
|
20
|
+
ub:
|
21
|
+
errors:
|
22
|
+
missing_role: No tens aquest rol
|
23
|
+
verifications:
|
24
|
+
authorizations:
|
25
|
+
first_login:
|
26
|
+
actions:
|
27
|
+
ub_ant: Verifica't com a antic almumne (ANT)
|
28
|
+
ub_est: Verifica't com a alumne (EST)
|
29
|
+
ub_pas: Verifica't com a personal administració/serveis (PTGAS)
|
30
|
+
ub_pdi: Verifica't com a professor (PDI)
|
31
|
+
ub_pex: Verifica't com a personal extern (PEX)
|
@@ -0,0 +1,31 @@
|
|
1
|
+
---
|
2
|
+
en:
|
3
|
+
decidim:
|
4
|
+
authorization_handlers:
|
5
|
+
ub_ant:
|
6
|
+
explanation: Get verified as an old student
|
7
|
+
name: Old student (ANT)
|
8
|
+
ub_est:
|
9
|
+
explanation: Get verified as a student
|
10
|
+
name: Student (EST)
|
11
|
+
ub_pas:
|
12
|
+
explanation: Get verified as an administrative/services personal
|
13
|
+
name: Administrative/services personal (PTGAS)
|
14
|
+
ub_pdi:
|
15
|
+
explanation: Get verified as a teacher
|
16
|
+
name: Teacher (PDI)
|
17
|
+
ub_pex:
|
18
|
+
explanation: Get verified as an external personal
|
19
|
+
name: External personal (PEX)
|
20
|
+
ub:
|
21
|
+
errors:
|
22
|
+
missing_role: You don't have this role
|
23
|
+
verifications:
|
24
|
+
authorizations:
|
25
|
+
first_login:
|
26
|
+
actions:
|
27
|
+
ub_ant: Verify you are an old student (ANT)
|
28
|
+
ub_est: Verify you are a student (EST)
|
29
|
+
ub_pas: Verify you are an administrative/services personal (PTGAS)
|
30
|
+
ub_pdi: Verify you are a teacher (PDI)
|
31
|
+
ub_pex: Verify you are an external personal (PEX)
|
@@ -0,0 +1,31 @@
|
|
1
|
+
---
|
2
|
+
es:
|
3
|
+
decidim:
|
4
|
+
authorization_handlers:
|
5
|
+
ub_ant:
|
6
|
+
explanation: Verifícate como antiguo estudiante
|
7
|
+
name: Antiguo estudiante (ANT)
|
8
|
+
ub_est:
|
9
|
+
explanation: Verifícate como estudiante
|
10
|
+
name: Estudiante (EST)
|
11
|
+
ub_pas:
|
12
|
+
explanation: Verifícate como personal administrativo/servicios
|
13
|
+
name: Personal administrativo/servicios (PTGAS)
|
14
|
+
ub_pdi:
|
15
|
+
explanation: Verifícate como profesor
|
16
|
+
name: Profesor (PDI)
|
17
|
+
ub_pex:
|
18
|
+
explanation: Verifícate como personal externo
|
19
|
+
name: Personal externo (PEX)
|
20
|
+
ub:
|
21
|
+
errors:
|
22
|
+
missing_role: No tienes este rol
|
23
|
+
verifications:
|
24
|
+
authorizations:
|
25
|
+
first_login:
|
26
|
+
actions:
|
27
|
+
ub_ant: Verifícate como antiguo estudiante (ANT)
|
28
|
+
ub_est: Verifícate como estudiante (EST)
|
29
|
+
ub_pas: Verifícate como personal administrativo/servicios (PTGAS)
|
30
|
+
ub_pdi: Verifícate como profesor (PDI)
|
31
|
+
ub_pex: Verifícate como personal externo (PEX)
|
@@ -0,0 +1,57 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "omniauth/strategies/ub"
|
4
|
+
|
5
|
+
module Decidim
|
6
|
+
module Ub
|
7
|
+
# This is the engine that runs on the public interface of ub.
|
8
|
+
class Engine < ::Rails::Engine
|
9
|
+
isolate_namespace Decidim::Ub
|
10
|
+
|
11
|
+
config.to_prepare do
|
12
|
+
Decidim::OmniauthHelper.include(Decidim::Ub::OmniauthHelperOverride)
|
13
|
+
Decidim::User.include(Decidim::Ub::UserOverride)
|
14
|
+
end
|
15
|
+
|
16
|
+
initializer "decidim_ub.omniauth" do
|
17
|
+
next unless Decidim::Ub.omniauth && Decidim::Ub.omniauth[:client_id]
|
18
|
+
|
19
|
+
# Decidim use the secrets configuration to decide whether to show the omniauth provider
|
20
|
+
Rails.application.secrets[:omniauth][Decidim::Ub::OMNIAUTH_PROVIDER_NAME.to_sym] = Decidim::Ub.omniauth
|
21
|
+
|
22
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
23
|
+
provider Decidim::Ub::OMNIAUTH_PROVIDER_NAME,
|
24
|
+
client_id: Decidim::Ub.omniauth[:client_id],
|
25
|
+
client_secret: Decidim::Ub.omniauth[:client_secret],
|
26
|
+
client_options: {
|
27
|
+
site: Decidim::Ub.omniauth[:site],
|
28
|
+
authorize_url: Decidim::Ub.omniauth[:authorize_url],
|
29
|
+
token_url: Decidim::Ub.omniauth[:token_url]
|
30
|
+
}
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
initializer "decidim_ub.webpacker.assets_path" do
|
35
|
+
Decidim.register_assets_path File.expand_path("app/packs", root)
|
36
|
+
end
|
37
|
+
|
38
|
+
initializer "decidim_ub.authorizations" do
|
39
|
+
Decidim::Ub.authorizations.each do |name|
|
40
|
+
Decidim::Verifications.register_workflow(name.to_sym) do |workflow|
|
41
|
+
workflow.form = "Decidim::Ub::Verifications::#{name.camelize}"
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
initializer "decidim_ub.user_sync" do
|
47
|
+
ActiveSupport::Notifications.subscribe "decidim.user.omniauth_registration" do |_name, data|
|
48
|
+
Decidim::Ub::OmniauthUserSyncJob.perform_later(data) if data[:provider] == Decidim::Ub::OMNIAUTH_PROVIDER_NAME
|
49
|
+
end
|
50
|
+
|
51
|
+
ActiveSupport::Notifications.subscribe "decidim.ub.user.updated" do |_name, data|
|
52
|
+
Decidim::Ub::AutoVerificationJob.perform_later(data)
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
data/lib/decidim/ub.rb
ADDED
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "decidim/ub/engine"
|
4
|
+
|
5
|
+
module Decidim
|
6
|
+
module Ub
|
7
|
+
include ActiveSupport::Configurable
|
8
|
+
|
9
|
+
OMNIAUTH_PROVIDER_NAME = "ub"
|
10
|
+
ROLES = %w(EST PAS PDI PEX ANT).freeze
|
11
|
+
|
12
|
+
class << self
|
13
|
+
def roles_to_auth_name(roles)
|
14
|
+
roles.map { |role| "ub_#{role.downcase}" }
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
config_accessor :omniauth do
|
19
|
+
{
|
20
|
+
enabled: ENV["UB_CLIENT_ID"].present?,
|
21
|
+
icon_path: ENV.fetch("UB_ICON", "media/images/ub_logo.svg"),
|
22
|
+
client_id: ENV["UB_CLIENT_ID"].presence,
|
23
|
+
client_secret: ENV["UB_CLIENT_SECRET"].presence,
|
24
|
+
site: ENV["UB_SITE"].presence,
|
25
|
+
authorize_url: ENV["UB_AUTHORIZE_URL"].presence,
|
26
|
+
token_url: ENV["UB_TOKEN_URL"].presence
|
27
|
+
}
|
28
|
+
end
|
29
|
+
|
30
|
+
config_accessor :authorizations do
|
31
|
+
roles_to_auth_name(ROLES).freeze
|
32
|
+
end
|
33
|
+
|
34
|
+
class Error < StandardError; end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,11 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
Decidim::Ub.configure do |config|
|
4
|
+
config.omniauth = {
|
5
|
+
client_id: "test-client-id",
|
6
|
+
client_secret: "test-client-secret",
|
7
|
+
site: "https://test.example.org",
|
8
|
+
authorize_url: "/authorize",
|
9
|
+
token_url: "/token"
|
10
|
+
}
|
11
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "omniauth-oauth2"
|
4
|
+
|
5
|
+
module OmniAuth
|
6
|
+
module Strategies
|
7
|
+
class Ub < OmniAuth::Strategies::OAuth2
|
8
|
+
REGEXP_SANITIZER = /[<>?%&^*#@()\[\]=+:;"{}\\|]/
|
9
|
+
|
10
|
+
option :name, "ub"
|
11
|
+
option :token_options, %w(client_id client_secret)
|
12
|
+
|
13
|
+
uid do
|
14
|
+
raw_info.dig("employeenumber", 0)
|
15
|
+
end
|
16
|
+
|
17
|
+
info do
|
18
|
+
{
|
19
|
+
name: raw_info.dig("cn", 0).gsub(REGEXP_SANITIZER, ""),
|
20
|
+
nickname: Decidim::UserBaseEntity.nicknamize(raw_info.dig("uidnet", 0)),
|
21
|
+
email: raw_info.dig("mail", 0),
|
22
|
+
roles: raw_info["colect2"] || []
|
23
|
+
}
|
24
|
+
end
|
25
|
+
|
26
|
+
def callback_url
|
27
|
+
full_host + callback_path
|
28
|
+
end
|
29
|
+
|
30
|
+
def raw_info
|
31
|
+
@raw_info ||= begin
|
32
|
+
connection = Faraday.new(url: options.client_options[:site], ssl: { verify: true }) do |conn|
|
33
|
+
conn.headers["Authorization"] = "#{access_token.response.parsed.token_type} #{access_token.token}"
|
34
|
+
end
|
35
|
+
response = connection.get("/api/adas/oauth2/tokendata")
|
36
|
+
raise Error, "Unable to fetch the user information" unless response.success?
|
37
|
+
|
38
|
+
JSON.parse(response.body).to_h
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
data/lib/omniauth/ub.rb
ADDED
metadata
ADDED
@@ -0,0 +1,118 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: decidim-ub
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Francisco Bolívar
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2024-07-11 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: decidim-core
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 0.28.0
|
20
|
+
- - "<"
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: '0.29'
|
23
|
+
type: :runtime
|
24
|
+
prerelease: false
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
26
|
+
requirements:
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: 0.28.0
|
30
|
+
- - "<"
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: '0.29'
|
33
|
+
- !ruby/object:Gem::Dependency
|
34
|
+
name: decidim-dev
|
35
|
+
requirement: !ruby/object:Gem::Requirement
|
36
|
+
requirements:
|
37
|
+
- - ">="
|
38
|
+
- !ruby/object:Gem::Version
|
39
|
+
version: 0.28.0
|
40
|
+
- - "<"
|
41
|
+
- !ruby/object:Gem::Version
|
42
|
+
version: '0.29'
|
43
|
+
type: :development
|
44
|
+
prerelease: false
|
45
|
+
version_requirements: !ruby/object:Gem::Requirement
|
46
|
+
requirements:
|
47
|
+
- - ">="
|
48
|
+
- !ruby/object:Gem::Version
|
49
|
+
version: 0.28.0
|
50
|
+
- - "<"
|
51
|
+
- !ruby/object:Gem::Version
|
52
|
+
version: '0.29'
|
53
|
+
description: A Decidim module to sync UB users who connect to the platform.
|
54
|
+
email:
|
55
|
+
- francisco.bolivar@nazaries.com
|
56
|
+
executables: []
|
57
|
+
extensions: []
|
58
|
+
extra_rdoc_files: []
|
59
|
+
files:
|
60
|
+
- LICENSE-AGPLv3.txt
|
61
|
+
- README.md
|
62
|
+
- Rakefile
|
63
|
+
- app/commands/decidim/ub/sync_user.rb
|
64
|
+
- app/controllers/concerns/decidim/devise_authentication_methods.rb
|
65
|
+
- app/forms/decidim/ub/verifications/ub.rb
|
66
|
+
- app/forms/decidim/ub/verifications/ub_ant.rb
|
67
|
+
- app/forms/decidim/ub/verifications/ub_est.rb
|
68
|
+
- app/forms/decidim/ub/verifications/ub_pas.rb
|
69
|
+
- app/forms/decidim/ub/verifications/ub_pdi.rb
|
70
|
+
- app/forms/decidim/ub/verifications/ub_pex.rb
|
71
|
+
- app/helpers/decidim/ub/omniauth_helper_override.rb
|
72
|
+
- app/jobs/decidim/ub/auto_verification_job.rb
|
73
|
+
- app/jobs/decidim/ub/omniauth_user_sync_job.rb
|
74
|
+
- app/models/concerns/decidim/ub/user_override.rb
|
75
|
+
- app/packs/entrypoints/decidim_ub.js
|
76
|
+
- app/packs/images/ub_logo.svg
|
77
|
+
- config/assets.rb
|
78
|
+
- config/i18n-tasks.yml
|
79
|
+
- config/locales/ca.yml
|
80
|
+
- config/locales/en.yml
|
81
|
+
- config/locales/es.yml
|
82
|
+
- db/migrate/20240709154301_add_ub_roles_to_users.rb
|
83
|
+
- lib/decidim/ub.rb
|
84
|
+
- lib/decidim/ub/engine.rb
|
85
|
+
- lib/decidim/ub/test/factories.rb
|
86
|
+
- lib/decidim/ub/version.rb
|
87
|
+
- lib/generators/decidim/app_templates/test/initializer.rb
|
88
|
+
- lib/omniauth/strategies/ub.rb
|
89
|
+
- lib/omniauth/ub.rb
|
90
|
+
homepage: https://decidim.org
|
91
|
+
licenses:
|
92
|
+
- AGPL-3.0
|
93
|
+
metadata:
|
94
|
+
bug_tracker_uri: https://github.com/decidim/decidim/issues
|
95
|
+
documentation_uri: https://docs.decidim.org/
|
96
|
+
funding_uri: https://opencollective.com/decidim
|
97
|
+
homepage_uri: https://decidim.org
|
98
|
+
source_code_uri: https://github.com/decidim/decidim
|
99
|
+
post_install_message:
|
100
|
+
rdoc_options: []
|
101
|
+
require_paths:
|
102
|
+
- lib
|
103
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
104
|
+
requirements:
|
105
|
+
- - "~>"
|
106
|
+
- !ruby/object:Gem::Version
|
107
|
+
version: '3.1'
|
108
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
109
|
+
requirements:
|
110
|
+
- - ">="
|
111
|
+
- !ruby/object:Gem::Version
|
112
|
+
version: '0'
|
113
|
+
requirements: []
|
114
|
+
rubygems_version: 3.4.14
|
115
|
+
signing_key:
|
116
|
+
specification_version: 4
|
117
|
+
summary: A decidim ub module
|
118
|
+
test_files: []
|