RubyGems - device-tracker - Versions diffs - 0.2.2 → 0.2.3 - Mend

device-tracker 0.2.2 → 0.2.3

Files changed (125) hide show

data/lib/device_tracker/controllers/heartbeat_controller.rb ADDED

@@ -0,0 +1,54 @@
+require_relative 'application_controller'
+module DeviceTracker
+  class HeartbeatController < ApplicationController
+    post "/" do
+      begin
+        heartbeat = JSON.parse(request.body.read)
+      rescue Exception => e
+        halt 412, {
+          error: true,
+          message: "#{e.message}"
+        }.to_json
+      end
+      # {"heartbeat": {"device_id": "BBCFM003", "longitude": 53.470096, "latitude": -2.281457}}
+      if valid_heartbeat?(heartbeat)
+        heartbeat = heartbeat["heartbeat"]
+        unid = heartbeat["device_id"].upcase
+        if Device.exists?(unid: unid)
+          device = Device.find_by_unid(unid)
+          Heartbeat.create({
+            longitude: heartbeat["longitude"],
+            latitude: heartbeat["latitude"],
+            device_id: device.id
+          })
+          halt 201, {
+            error: false,
+            message: "Heartbeat for device: #{unid} received."
+          }.to_json
+        else
+          halt 404, {
+            error: true,
+            message: "The device with id: #{unid} doesn't exist."
+          }.to_json
+        end
+      else
+        halt 412, {
+          error: true,
+          message: "Manformed heartbeat received, so will not be processed."
+        }.to_json
+      end
+    end
+  end
+end

data/lib/device_tracker/controllers/os_controller.rb ADDED

@@ -0,0 +1,41 @@
+require_relative 'application_controller'
+module DeviceTracker
+  class OSController < ApplicationController
+    before do
+      perform_admin_check
+    end
+    get "/manage" do
+      @os = OperatingSystem.all.order(:name)
+      erb :"os/manage"
+    end
+    post "/create" do
+      @os = OperatingSystem.create(params[:os])
+      if @os.valid?
+        @os.save
+        create_flash "success", ["Successfully added #{@os.name}"]
+        redirect back
+      else
+        create_flash "warning", @os.errors.full_messages
+        redirect back
+      end
+    end
+    delete "/:os_id/delete" do |os_id|
+      if OperatingSystem.exists?(os_id)
+        OperatingSystem.destroy(os_id)
+        create_flash "success", ["Operating system deleted."]
+        redirect back
+      else
+        create_flash "warning", ["Operating system not found."]
+        redirect back
+      end
+    end
+  end
+end

data/lib/device_tracker/controllers/transactions_controller.rb ADDED

@@ -0,0 +1,19 @@
+require_relative 'application_controller'
+module DeviceTracker
+  class TransactionsController < ApplicationController
+    get "/" do
+      @transactions = Transaction.limit(100).order(created_at: :desc).all
+      erb :"transactions/index"
+    end
+    get "/:device_id" do |device_id|
+      @transactions = Transaction.where(device_id: device_id).limit(100).order(created_at: :desc).all
+      erb :"transactions/index"
+    end
+  end
+end

data/lib/device_tracker/controllers/users_controller.rb ADDED

@@ -0,0 +1,191 @@
+require_relative 'application_controller'
+module DeviceTracker
+  class UsersController < ApplicationController
+    before do
+      if ! %w[new create].include? request.path_info.split('/')[1]
+        protected!
+      end
+      if %w[manage].include? request.path_info.split('/')[1]
+        perform_admin_check
+      end
+    end
+    get "/manage" do
+      @users = User.all
+      erb :"users/manage", users: @users
+    end
+    get "/new" do
+      erb :"users/new"
+    end
+    get "/:user_id/edit" do |user_id|
+      # TODO Move this out into its own function
+      user = get_logged_in_user
+      if user[:is_admin] != true and user[:id] != user_id.to_i
+        create_flash "warning", ["You don't have permission to view this page."]
+        redirect back
+      end
+      if User.exists?(user_id)
+        @user = User.find(user_id)
+        @is_admin = user[:is_admin]
+        erb :"users/edit"
+      else
+        create_flash "warning", ["Sorry, but that user doesn't exist"]
+        redirect back
+      end
+    end
+    put "/:user_id" do |user_id|
+      if get_logged_in_user[:is_admin] != true and get_logged_in_user[:id] != user_id.to_i
+        create_flash "warning", ["You don't have permission to view this page."]
+        redirect back
+      end
+      if User.exists?(user_id)
+        attributes = {
+          username: params[:user][:username],
+          email: params[:user][:email],
+          name: params[:user][:name]
+        }
+        # Only admins have access to these attributes
+        if is_admin?
+          attributes[:is_admin] = (!params[:user][:is_admin].nil? and params[:user][:is_admin] == "on")
+          attributes[:is_verified] = (!params[:user][:is_verified].nil? and params[:user][:is_verified] == "on")
+        end
+        # Should we change the password?
+        if change_password?(params)
+          attributes[:password] = params[:user][:password]
+          attributes[:password_confirmation] = params[:user][:password_confirmation]
+        end
+        user = User.find(user_id)
+        users_previous_verification = user.is_verified
+        if user.update(attributes)
+          if user.is_verified && users_previous_verification == false
+            verification_email(user)
+          end
+          create_flash "success", ["The account was successfully updated."]
+          redirect back
+        else
+          create_flash "warning", user.errors.full_messages
+          redirect back
+        end
+      end
+      create_flash "warning", ["I'm sorry but that user does not exist!"]
+      redirect back
+    end
+    post "/create" do
+      user = User.new
+      attributes = {
+        username: params[:user][:username],
+        password: params[:user][:password],
+        password_confirmation: params[:user][:password_confirmation],
+        name: params[:user][:name],
+        email: params[:user][:email]
+      }
+      user.username = attributes[:username]
+      user.password = attributes[:password]
+      user.email = attributes[:email]
+      user.name = attributes[:name]
+      user.password_confirmation = attributes[:password_confirmation]
+      attributes.each do |key, value|
+        flash[key] = value if key != :password
+      end
+      if user.valid? and user.save
+        report_transaction("#{user.email} registered a new account.", Transaction.registration)
+        # Account is awaiting activation
+        admin_email_registration(request, user)
+        create_flash "info", ["Registration successful, please wait for your account to be activated."]
+        redirect "/"
+      else
+        create_flash "warning", [user.errors.full_messages.first]
+        redirect back
+      end
+    end
+    delete "/:user_id/delete" do |user_id|
+      if User.exists?(user_id)
+        user = User.find(user_id)
+        email = user.email
+        if user.devices.count > 0
+          Device.where(user_id: user.id).update_all(available: true, checked_out_since: nil, user_id: nil)
+        end
+        if user.destroy
+          report_transaction("#{email} was deleted by #{get_logged_in_user[:email]}.", Transaction.deletion)
+        end
+        create_flash "success", ["The user account has been successfully removed!"]
+      else
+        create_flash "warning", ["Unable to remove the user account, try again."]
+      end
+      redirect back
+    end
+    def verification_email(user)
+      @user = user
+      @get_started_link = request.base_url + '/devices'
+      body = ERB.new(File.read(EMAILS_PATH + "/verification.erb")).result(binding)
+      begin
+        Pony.mail(
+          :to => [@user.email],
+          :from => 'no-reply@device-tracker',
+          :subject => 'Account Verified | Device Tracker',
+          :html_body => body
+        )
+      rescue Net::OpenTimeout => e
+        puts "ERROR: Error sending email"
+      end
+    end
+    def admin_email_registration(request, user)
+      @user = user
+      @verification_link = request.base_url + '/users/' + user.id.to_s + '/edit'
+      body = ERB.new(File.read(EMAILS_PATH + "/registration.erb")).result(binding)
+      begin
+        Pony.mail(
+          :to => [User.where(is_admin: true).map {|u| u.email }],
+          :from => 'no-reply@device-tracker',
+          :subject => 'New Registration | Device Tracker',
+          :html_body => body
+        )
+      rescue Net::OpenTimeout => e
+        puts "ERROR: Error sending email"
+      end
+    end
+  end
+end

data/lib/{device/tracker → device_tracker}/db/migrate/20150521071815_create_users.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20150521082155_create_devices.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20150521120335_create_operating_systems.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20150527162242_create_transactions.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20151027073050_create_heartbeat.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20151028132946_add_user_verification.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20151028141328_remove_is_active_from_users.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20151029085629_add_password_reset_code_to_users.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20151030130341_add_missing_column_to_devices.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/migrate/20151102141601_add_serial_number_to_devices.rb RENAMED

File without changes

data/lib/{device/tracker → device_tracker}/db/schema.rb RENAMED

File without changes

data/lib/device_tracker/db/seeds.rb ADDED

@@ -0,0 +1,46 @@
+require 'faker'
+module DeviceTracker
+  class Seed
+    def self.seed_dummy_data
+      operating_system = OperatingSystem.create!({
+        name: Faker::Hacker.noun,
+        api_level: 1
+      })
+      Device.create!({
+        unid: Faker::Code.ean,
+        manufacturer: Faker::Company.name,
+        device: Faker::Commerce.product_name,
+        description: Faker::Lorem.sentence(8),
+        imei: Faker::Number.number(10),
+        operating_system: operating_system,
+        user: User.all.first,
+        available: false,
+        checked_out_since: 3.days.ago,
+        serial_number: Faker::Number.number(10)
+      })
+    end
+    def self.seed(name: name, password: password, email: email)
+      user = User.where(email: email)
+      if user.exists?
+        return
+      end
+      user = User.find_or_create_by({
+        name: name,
+        username: 'admin',
+        email: email,
+        is_admin: true,
+        is_verified: true
+      })
+      user.password = password
+      user.save
+      puts "Added #{user.username} to the database."
+    end
+  end
+end

data/lib/{device/tracker → device_tracker}/dependencies.rb RENAMED

@@ -11,5 +11,4 @@ require 'bundler'
   pony
 ).each { |d| require d }
-puts File.dirname(__FILE__)
 Dir.glob("#{File.dirname(__FILE__)}/{helpers,controllers,models}/*.rb").each { |file| require file }

data/lib/device_tracker/device_tracker.rb ADDED

@@ -0,0 +1,17 @@
+require_relative "./version"
+require_relative "./dependencies"
+require_relative "./app"
+require "rack"
+module DeviceTracker
+  def self.start(host, port)
+    options = {
+      :Host => host,
+      :Port => port
+    }
+    Rack::Handler::Thin.run(App.new, options) do |server|
+      [:INT, :TERM].each { |sig| trap(sig) { server.stop } }
+    end
+  end
+end

data/lib/device_tracker/helpers/application_helper.rb ADDED

@@ -0,0 +1,82 @@
+module DeviceTracker
+  module ApplicationHelper
+    SECRET = 'mYR4nd0mAr$eS3cr3t/fuGg1wugGl3'
+    def is_admin?
+      user = get_logged_in_user
+      return if user.nil?
+      user[:is_admin]
+    end
+    def value_for(name, object)
+      if flash[name]
+        flash[name]
+      elsif object
+        object.send name
+      end
+    end
+    def get_logged_in_user
+      session[:user] unless session[:user].nil?
+    end
+    def generate_activation_code(size = 6)
+      charset = %w{0 1 2 3 4 6 7 8 9 A C D E F G H J K M N P Q R T V W X Y Z}
+      (0...size).map{ charset.to_a[rand(charset.size)] }.join
+    end
+    def change_password?(params)
+      if params[:user][:password].empty? or params[:user][:password_confirmation].empty?
+        false
+      else
+        true
+      end
+    end
+    def protected!
+      if session[:user].nil?
+        create_flash "info", ["You must be logged in to see this page."]
+        redirect "/login"
+      elsif !session[:user][:is_verified]
+        create_flash "info", ["You account is awaiting verification by an admin."]
+        redirect "/login"
+      end
+    end
+    def report_transaction(message, type, device = nil)
+      transaction = Transaction.new
+      if session[:user]
+        transaction.user_id = get_logged_in_user[:id]
+      end
+      transaction.description = message
+      transaction.transaction_type = type
+      transaction.device_id = device.id unless device.nil?
+      transaction.save!
+    end
+    def perform_admin_check
+      user = get_logged_in_user
+      if user.nil? or user[:is_admin] == false
+        create_flash "warning", ["#{user[:name]} does not have permissions to access this page."]
+        redirect back
+      end
+    end
+    def create_flash(type, message)
+      flash[:message] = {css_class: type, message: message }
+    end
+    def valid_heartbeat?(data)
+      if !data["heartbeat"].nil? and !data["heartbeat"]["longitude"].nil? and
+         !data["heartbeat"]["latitude"].nil? and !data["heartbeat"]["device_id"].nil?
+        return true
+      end
+      false
+    end
+  end
+end