RubyGems - disco_app - Versions diffs - 0.12.5 - Mend

disco_app 0.12.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (354) hide show

data/app/assets/stylesheets/disco_app/ui-kit/_ui-layout.scss ADDED Viewed

@@ -0,0 +1,15 @@
+//
+// ui-layout.scss
+// Styles for UI layout not provided by the Channel
+// SDK UI Kit.
+// --------------------------------------------------
+body {
+  margin: 0;
+  padding: 0;
+}
+ul, ol, dl {
+  margin: 0;
+  padding: 0;
+}

data/app/assets/stylesheets/disco_app/ui-kit/_ui-tabs.scss ADDED Viewed

@@ -0,0 +1,75 @@
+//
+// ui-tabs.scss
+// Styles for tabs not provided by the Channel SDK UI
+// Kit.
+// --------------------------------------------------
+.next-tab__list {
+  padding: 0;
+  margin: 0;
+  list-style: none;
+  background-color: #f5f6f7;
+  overflow: visible;
+  border-radius: 3px 3px 0 0;
+  flex-wrap: nowrap;
+  display: flex;
+  align-items: stretch;
+  > li {
+    position: relative;
+    flex-grow: 0;
+    flex-shrink: 0;
+    display: flex;
+    align-items: stretch;
+    &:first-child .next-tab {
+      border-top-left-radius: 3px;
+    }
+  }
+}
+.next-tab {
+  color: rgba(0,0,0,0.56);
+  padding: 15px 20px;
+  text-decoration: none;
+  border-right: 1px solid #ebeef0;
+  border-bottom: 1px solid #ebeef0;
+  text-align: center;
+  line-height: 1;
+  cursor: pointer;
+  position: relative;
+  -webkit-box-flex: 1;
+  -webkit-flex-grow: 1;
+  -ms-flex-positive: 1;
+  flex-grow: 1;
+  display: -webkit-box;
+  display: -webkit-flex;
+  display: -ms-flexbox;
+  display: flex;
+  -webkit-box-align: center;
+  -webkit-align-items: center;
+  -ms-flex-align: center;
+  align-items: center;
+  -webkit-box-pack: center;
+  -webkit-justify-content: center;
+  -ms-flex-pack: center;
+  justify-content: center;
+  &:focus,
+  &:hover {
+    outline: none;
+    background-color: #fafbfc;
+    color: #0078bd;
+    text-decoration: none;
+  }
+  &.next-tab--is-active {
+    font-weight: normal;
+    color: rgba(0,0,0,0.9);
+    background-color: #ffffff;
+    border-bottom-color: #ffffff;
+    cursor: default;
+    text-decoration: none;
+  }
+}

data/app/assets/stylesheets/disco_app/ui-kit/_ui-type.scss ADDED Viewed

@@ -0,0 +1,13 @@
+//
+// ui-type.scss
+// Styles for type not provided by the Channel SDK UI
+// Kit.
+// --------------------------------------------------
+hr {
+  color: #e6e6e6;
+  background-color: #e6e6e6;
+  height: 1px;
+  padding: 0;
+  border: 0;
+}

data/app/clients/disco_app/api_client.rb ADDED Viewed

@@ -0,0 +1,27 @@
+require 'rest-client'
+class DiscoApp::ApiClient
+  SUBSCRIPTION_ENDPOINT = 'app_subscriptions.json'
+  def initialize(shop, url)
+    @shop = shop
+    @url = url
+  end
+  def create_app_subscription
+    return unless @url.present?
+    url = @url + SUBSCRIPTION_ENDPOINT
+    begin
+      response = RestClient::Request.execute(
+        method: :post,
+        headers: { content_type: :json },
+        url: url,
+        payload: { shop: @shop, subscription: @shop.current_subscription }.to_json
+      )
+    rescue RestClient::BadRequest, RestClient::ResourceNotFound => e
+      raise DiscoApiError.new(e.message)
+    end
+  end
+end

data/app/clients/disco_app/disco_api_error.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ class DiscoApiError < StandardError
2	+ end

data/app/controllers/disco_app/admin/app_settings_controller.rb ADDED Viewed

@@ -0,0 +1,3 @@
+class DiscoApp::Admin::AppSettingsController < DiscoApp::Admin::ApplicationController
+  include DiscoApp::Admin::Concerns::AppSettingsController
+end

data/app/controllers/disco_app/admin/application_controller.rb ADDED Viewed

@@ -0,0 +1,10 @@
+class DiscoApp::Admin::ApplicationController < ActionController::Base
+  include DiscoApp::Admin::Concerns::AuthenticatedController
+  private
+    helper_method :current_shop
+    def current_shop
+      @current_shop ||= @shop
+    end
+end

data/app/controllers/disco_app/admin/concerns/app_settings_controller.rb ADDED Viewed

@@ -0,0 +1,24 @@
+module DiscoApp::Admin::Concerns::AppSettingsController
+  extend ActiveSupport::Concern
+  def edit
+    @app_settings = DiscoApp::AppSettings.instance
+  end
+  def update
+    @app_settings = DiscoApp::AppSettings.instance
+    if @app_settings.update_attributes(app_settings_params)
+      flash[:success] = 'Settings updated.'
+      redirect_to edit_admin_app_settings_path
+    else
+      render 'edit'
+    end
+  end
+  private
+    def app_settings_params
+      params.require(:app_settings)
+    end
+end

data/app/controllers/disco_app/admin/concerns/authenticated_controller.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module DiscoApp::Admin::Concerns::AuthenticatedController
+  extend ActiveSupport::Concern
+  included do
+    protect_from_forgery with: :exception
+    before_action :authenticate_administrator
+    layout 'admin'
+  end
+  private
+    def authenticate_administrator
+      authenticate_or_request_with_http_basic do |username, password|
+        (not username.blank?) && (not password.blank?) && username == ENV['ADMIN_APP_USERNAME'] && password == ENV['ADMIN_APP_PASSWORD']
+      end
+    end
+end

data/app/controllers/disco_app/admin/concerns/plans_controller.rb ADDED Viewed

@@ -0,0 +1,54 @@
+module DiscoApp::Admin::Concerns::PlansController
+  extend ActiveSupport::Concern
+  included do
+    before_action :find_plan, only: [:edit, :update, :destroy]
+  end
+  def index
+    @plans = DiscoApp::Plan.all
+  end
+  def new
+    @plan = DiscoApp::Plan.new
+  end
+  def create
+    @plan = DiscoApp::Plan.new(plan_params)
+    if @plan.save
+      redirect_to admin_plans_path
+    else
+      render 'new'
+    end
+  end
+  def edit
+  end
+  def update
+    if @plan.update_attributes(plan_params)
+      redirect_to edit_admin_plan_path(@plan)
+    else
+      render 'edit'
+    end
+  end
+  def destroy
+    @plan.destroy
+    redirect_to admin_plans_path
+  end
+  private
+    def find_plan
+      @plan = DiscoApp::Plan.find(params[:id])
+    end
+    def plan_params
+      params.require(:plan).permit(
+        :name, :status, :plan_type, :trial_period_days, :amount,
+        :plan_codes_attributes => [:id, :_destroy, :code, :trial_period_days, :amount]
+      )
+    end
+end

data/app/controllers/disco_app/admin/concerns/shops_controller.rb ADDED Viewed

@@ -0,0 +1,7 @@
+module DiscoApp::Admin::Concerns::ShopsController
+  extend ActiveSupport::Concern
+  def index
+  end
+end

data/app/controllers/disco_app/admin/concerns/subscriptions_controller.rb ADDED Viewed

@@ -0,0 +1,29 @@
+module DiscoApp::Admin::Concerns::SubscriptionsController
+  extend ActiveSupport::Concern
+  included do
+    before_action :find_subscription
+  end
+  def edit
+  end
+  def update
+    if @subscription.update_attributes(subscription_params)
+      redirect_to edit_admin_shop_subscription_path(@subscription.shop, @subscription)
+    else
+      render 'edit'
+    end
+  end
+  private
+    def find_subscription
+      @subscription = DiscoApp::Subscription.find_by_id(params[:id])
+    end
+    def subscription_params
+      params.require(:subscription).permit(:amount, :trial_period_days)
+    end
+end

data/app/controllers/disco_app/admin/plans_controller.rb ADDED Viewed

@@ -0,0 +1,3 @@
+class DiscoApp::Admin::PlansController < DiscoApp::Admin::ApplicationController
+  include DiscoApp::Admin::Concerns::PlansController
+end

data/app/controllers/disco_app/admin/resources/shops_controller.rb ADDED Viewed

@@ -0,0 +1,3 @@
+class DiscoApp::Admin::Resources::ShopsController < JSONAPI::ResourceController
+  include DiscoApp::Admin::Concerns::AuthenticatedController
+end

data/app/controllers/disco_app/admin/shops_controller.rb ADDED Viewed

@@ -0,0 +1,3 @@
+class DiscoApp::Admin::ShopsController < DiscoApp::Admin::ApplicationController
+  include DiscoApp::Admin::Concerns::ShopsController
+end

data/app/controllers/disco_app/admin/subscriptions_controller.rb ADDED Viewed

@@ -0,0 +1,3 @@
+class DiscoApp::Admin::SubscriptionsController < DiscoApp::Admin::ApplicationController
+  include DiscoApp::Admin::Concerns::SubscriptionsController
+end

data/app/controllers/disco_app/charges_controller.rb ADDED Viewed

@@ -0,0 +1,47 @@
+class DiscoApp::ChargesController < ApplicationController
+  include DiscoApp::Concerns::AuthenticatedController
+  skip_before_action :check_active_charge
+  before_action :find_subscription
+  # Display a "pre-charge" page, giving the opportunity to explain why a charge
+  # needs to be made.
+  def new
+  end
+  # Attempt to create a new charge for the logged in shop and selected
+  # subscription. If successful, redirect to the (external) charge confirmation
+  # URL. If it fails, redirect back to the new charge page.
+  def create
+    if(charge = DiscoApp::ChargesService.create(@shop, @subscription)).nil?
+      redirect_to action: :new
+    else
+      redirect_to charge.confirmation_url
+    end
+  end
+  # Attempt to activate a charge after a user has accepted or declined it.
+  # Redirect to the main application's root URL immediately afterwards - if the
+  # charge wasn't accepted, the flow will start again.
+  def activate
+    # First attempt to find a matching charge.
+    if(charge = @subscription.charges.find_by(id: params[:id], shopify_id: params[:charge_id])).nil?
+      redirect_to action: :new and return
+    end
+    if DiscoApp::ChargesService.activate(@shop, charge)
+      redirect_to main_app.root_url
+    else
+      redirect_to action: :new
+    end
+  end
+  private
+    def find_subscription
+      @subscription = @shop.subscriptions.find_by_id!(params[:subscription_id])
+      unless @subscription.requires_active_charge? and not @subscription.active_charge?
+        redirect_to main_app.root_url
+      end
+    end
+end

data/app/controllers/disco_app/concerns/app_proxy_controller.rb ADDED Viewed

@@ -0,0 +1,40 @@
+module DiscoApp::Concerns::AppProxyController
+  extend ActiveSupport::Concern
+  included do
+    before_action :verify_proxy_signature
+    before_action :shopify_shop
+    after_action :add_liquid_header
+    rescue_from ActiveRecord::RecordNotFound do |exception|
+      render_error 404
+    end
+  end
+  private
+    def verify_proxy_signature
+      unless proxy_signature_is_valid?
+        head :unauthorized
+      end
+    end
+    def proxy_signature_is_valid?
+      return true if Rails.env.development? and DiscoApp.configuration.skip_proxy_verification?
+      DiscoApp::ProxyService.proxy_signature_is_valid?(request.query_string, ShopifyApp.configuration.secret)
+    end
+    def shopify_shop
+      @shop = DiscoApp::Shop.find_by_shopify_domain!(params[:shop])
+    end
+    def add_liquid_header
+      response.headers['Content-Type'] = 'application/liquid'
+    end
+    def render_error(status)
+      add_liquid_header
+      render "disco_app/proxy_errors/#{status}", status: status
+    end
+end

data/app/controllers/disco_app/concerns/authenticated_controller.rb ADDED Viewed

@@ -0,0 +1,71 @@
+module DiscoApp::Concerns::AuthenticatedController
+  extend ActiveSupport::Concern
+  include ShopifyApp::LoginProtection
+  included do
+    before_action :auto_login
+    before_action :login_again_if_different_shop
+    before_action :shopify_shop
+    before_action :check_installed
+    before_action :check_current_subscription
+    before_action :check_active_charge
+    around_filter :shopify_session
+    layout 'embedded_app'
+  end
+  private
+    def auto_login
+      if shop_session.nil? and request_hmac_valid?
+        if(shop =  DiscoApp::Shop.find_by_shopify_domain(sanitized_shop_name)).present?
+          session[:shopify] = shop.id
+          session[:shopify_domain] = sanitized_shop_name
+        end
+      end
+    end
+    def shopify_shop
+      if shop_session
+        @shop = DiscoApp::Shop.find_by!(shopify_domain: @shop_session.url)
+      else
+        redirect_to_login
+      end
+    end
+    def check_installed
+      if @shop.awaiting_install? or @shop.installing?
+        redirect_if_not_current_path disco_app.installing_path
+        return
+      end
+      if @shop.awaiting_uninstall? or @shop.uninstalling?
+        redirect_if_not_current_path disco_app.uninstalling_path
+        return
+      end
+      unless @shop.installed?
+        redirect_if_not_current_path disco_app.install_path
+      end
+    end
+    def check_current_subscription
+      unless @shop.current_subscription?
+        redirect_if_not_current_path disco_app.new_subscription_path
+      end
+    end
+    def check_active_charge
+      if @shop.current_subscription? and @shop.current_subscription.requires_active_charge? and not @shop.development? and not @shop.current_subscription.active_charge?
+        redirect_if_not_current_path disco_app.new_subscription_charge_path(@shop.current_subscription)
+      end
+    end
+    def redirect_if_not_current_path(target)
+      if request.path != target
+        redirect_to target
+      end
+    end
+    def request_hmac_valid?
+      DiscoApp::RequestValidationService.hmac_valid?(request.query_string, ShopifyApp.configuration.secret)
+    end
+end

data/app/controllers/disco_app/concerns/carrier_request_controller.rb ADDED Viewed

@@ -0,0 +1,35 @@
+module DiscoApp::Concerns::CarrierRequestController
+  extend ActiveSupport::Concern
+  included do
+    before_action :verify_carrier_request
+    before_action :find_shop
+    before_action :validate_rate_params
+  end
+  private
+    def verify_carrier_request
+      unless carrier_request_signature_is_valid?
+        head :unauthorized
+      end
+    end
+    def carrier_request_signature_is_valid?
+      return true if Rails.env.development? and DiscoApp.configuration.skip_carrier_request_verification?
+      DiscoApp::CarrierRequestService.is_valid_hmac?(request.body.read.to_s, ShopifyApp.configuration.secret, request.headers['HTTP_X_SHOPIFY_HMAC_SHA256'])
+    end
+    def find_shop
+      unless (@shop = DiscoApp::Shop.find_by_shopify_domain(request.headers['HTTP_X_SHOPIFY_SHOP_DOMAIN']))
+        head :unauthorized
+      end
+    end
+    def validate_rate_params
+      unless params[:rate].present? and params[:rate][:origin].present? and params[:rate][:destination].present? and params[:rate][:items].present?
+        head :bad_request
+      end
+    end
+end

data/app/controllers/disco_app/frame_controller.rb ADDED Viewed

@@ -0,0 +1,9 @@
+class DiscoApp::FrameController < ActionController::Base
+  layout nil
+  def frame
+  end
+end

data/app/controllers/disco_app/install_controller.rb ADDED Viewed

@@ -0,0 +1,27 @@
+class DiscoApp::InstallController < ApplicationController
+  include DiscoApp::Concerns::AuthenticatedController
+  skip_before_action :check_current_subscription
+  skip_before_action :check_active_charge
+  # Start the installation process for the current shop, then redirect to the installing screen.
+  def install
+    DiscoApp::AppInstalledJob.perform_later(@shop, cookies[DiscoApp::CODE_COOKIE_KEY], cookies[DiscoApp::SOURCE_COOKIE_KEY])
+    redirect_to action: :installing
+  end
+  # Display an "installing" page.
+  def installing
+    if @shop.installed?
+      redirect_to main_app.root_path
+    end
+  end
+  # Display an "uninstalling" page. Should be almost never used.
+  def uninstalling
+    if @shop.uninstalled?
+      redirect_to main_app.root_path
+    end
+  end
+end

data/app/controllers/disco_app/subscriptions_controller.rb ADDED Viewed

@@ -0,0 +1,32 @@
+class DiscoApp::SubscriptionsController < ApplicationController
+  include DiscoApp::Concerns::AuthenticatedController
+  skip_before_action :check_current_subscription
+  def new
+    @subscription = DiscoApp::Subscription.new
+  end
+  def create
+    # Get the selected plan. If it's not available or couldn't be found,
+    # redirect back to the plan selection page.
+    if(plan = DiscoApp::Plan.available.find_by_id(subscription_params[:plan])).nil?
+      redirect_to action: :new and return
+    end
+    # Subscribe the current shop to the selected plan. Pass along any cookied
+    # plan code and source code.
+    if(subscription = DiscoApp::SubscriptionService.subscribe(@shop, plan, cookies[DiscoApp::CODE_COOKIE_KEY], cookies[DiscoApp::SOURCE_COOKIE_KEY])).nil?
+      redirect_to action: :new
+    else
+      redirect_to main_app.root_path
+    end
+  end
+  private
+    def subscription_params
+      params.require(:subscription).permit(:plan, :plan_code)
+    end
+end

data/app/controllers/disco_app/webhooks_controller.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module DiscoApp
+  class WebhooksController < ActionController::Base
+    before_action :verify_webhook
+    def process_webhook
+      # Get the topic and domain for this webhook.
+      topic = request.headers['HTTP_X_SHOPIFY_TOPIC']
+      shopify_domain = request.headers['HTTP_X_SHOPIFY_SHOP_DOMAIN']
+      # Ensure a domain was provided in the headers.
+      unless shopify_domain
+        head :bad_request
+      end
+      # Try to find a matching background job task for the given topic using class name.
+      job_class = DiscoApp::WebhookService.find_job_class(topic)
+      # Return bad request if we couldn't match a job class.
+      unless job_class.present?
+        head :bad_request
+      end
+      # Decode the body data and enqueue the appropriate job.
+      data = ActiveSupport::JSON::decode(request.body.read).with_indifferent_access
+      job_class.perform_later(shopify_domain, data)
+      render nothing: true
+    end
+    private
+      def verify_webhook
+        unless webhook_is_valid?
+          head :unauthorized
+        end
+        request.body.rewind
+      end
+      def webhook_is_valid?
+        return true if Rails.env.development? and DiscoApp.configuration.skip_webhook_verification?
+        DiscoApp::WebhookService.is_valid_hmac?(request.body.read.to_s, ShopifyApp.configuration.secret, request.headers['HTTP_X_SHOPIFY_HMAC_SHA256'])
+      end
+  end
+end

data/app/controllers/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,33 @@
+class SessionsController < ApplicationController
+  include ShopifyApp::SessionsConcern
+  def referral
+    cookies[DiscoApp::SOURCE_COOKIE_KEY] = params[:source] if params[:source].present?
+    cookies[DiscoApp::CODE_COOKIE_KEY] = params[:code] if params[:code].present?
+    redirect_to root_path
+  end
+  def failure
+    flash[:notice] = 'There was an issue while trying to authenticate, please retry'
+    redirect_to root_path
+  end
+  protected
+    # Override the authenticate method to allow skipping OAuth in development
+    # mode. Skipping OAuth still requires a shop with Shopify domain specified
+    # by the `shop` parameter to be present in the local database.
+    def authenticate
+      if Rails.env.development? and DiscoApp.configuration.skip_oauth?
+        shop = DiscoApp::Shop.find_by_shopify_domain!(sanitized_shop_name)
+        sess = ShopifyAPI::Session.new(shop.shopify_domain, shop.shopify_token)
+        session[:shopify] = ShopifyApp::SessionRepository.store(sess)
+        session[:shopify_domain] = sanitized_shop_name
+        redirect_to disco_app.frame_path and return
+      end
+      super
+    end
+end