disco_app 0.8.5

data/test/controllers/proxy_controller_test.rb

@@ -0,0 +1,42 @@
+require 'test_helper'
+
+class ProxyControllerTest < ActionController::TestCase
+
+  def setup
+    @shop = disco_app_shops(:widget_store)
+    @secret = ShopifyApp.configuration.secret
+  end
+
+  def teardown
+    @shop = nil
+    @secret = nil
+  end
+
+  test 'app proxy request without authentication information returns unauthorized' do
+    get(:index)
+    assert_response :unauthorized
+  end
+
+  test 'app proxy request with incorrect authentication information returns unauthorized' do
+    get(:index, proxy_params(shop: @shop.shopify_domain).merge(signature: 'invalid_signature'))
+    assert_response :unauthorized
+  end
+
+  test 'app proxy request with correct authentication information returns ok and has shop context' do
+    get(:index, proxy_params(shop: @shop.shopify_domain))
+    assert_response :ok
+    assert_equal @shop, assigns(:shop)
+  end
+
+  test 'app proxy request with correct authentication information but unknown shop returns 404' do
+    get(:index, proxy_params(shop: 'unknown.myshopify.com'))
+    assert_response :not_found
+  end
+
+  private
+
+    def proxy_params(**params)
+      params.merge(signature: DiscoApp::ProxyService.calculated_signature(params, @secret))
+    end
+
+end

data/test/disco_app_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class DiscoAppTest < ActiveSupport::TestCase
+  test "truth" do
+    assert_kind_of Module, DiscoApp
+  end
+end

data/test/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/test/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,17 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require jquery
+//= require jquery_ujs
+//= require turbolinks
+//= require disco_app/disco_app
+//= require_tree .

data/test/dummy/app/assets/stylesheets/application.scss

@@ -0,0 +1,5 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ */
+@import "disco_app/disco_app";

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,6 @@
+class ApplicationController < ActionController::Base
+  include ShopifyApp::Controller
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/test/dummy/app/controllers/home_controller.rb

@@ -0,0 +1,7 @@
+class HomeController < ApplicationController
+  include DiscoApp::AuthenticatedController
+
+  def index
+  end
+
+end

data/test/dummy/app/controllers/proxy_controller.rb

@@ -0,0 +1,8 @@
+class ProxyController < ActionController::Base
+  include DiscoApp::AppProxyController
+
+  def index
+    render text: 'ok'
+  end
+
+end

data/test/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/test/dummy/app/jobs/disco_app/app_uninstalled_job.rb

@@ -0,0 +1,11 @@
+class DiscoApp::AppUninstalledJob < DiscoApp::ShopJob
+  include DiscoApp::Concerns::AppUninstalledJob
+
+  # Extend the perform method to change the country name of the shop to
+  # 'Nowhere' on uninstallation.
+  def perform(domain, shop_data)
+    super(domain, shop_data)
+    @shop.update(country_name: 'Nowhere')
+  end
+
+end

data/test/dummy/app/models/disco_app/shop.rb

@@ -0,0 +1,15 @@
+require 'active_utils'
+
+class DiscoApp::Shop < ActiveRecord::Base
+  include DiscoApp::Concerns::Shop
+
+  # Extend the Shop model to return the Shop's country as an ActiveUtils country.
+  def country
+    begin
+      ActiveUtils::Country.find(country_name)
+    rescue ActiveUtils::InvalidCountryCodeError
+      nil
+    end
+  end
+
+end

data/test/dummy/app/views/home/index.html.erb

@@ -0,0 +1,2 @@
+<% provide(:title, 'Welcome') %>
+<h1>Welcome</h1>

data/test/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/test/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application', __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/test/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/test/dummy/bin/setup

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+require 'pathname'
+
+# path to your application root.
+APP_ROOT = Pathname.new File.expand_path('../../',  __FILE__)
+
+Dir.chdir APP_ROOT do
+  # This script is a starting point to setup your application.
+  # Add necessary setup steps to this file:
+
+  puts "== Installing dependencies =="
+  system "gem install bundler --conservative"
+  system "bundle check || bundle install"
+
+  # puts "\n== Copying sample files =="
+  # unless File.exist?("config/database.yml")
+  #   system "cp config/database.yml.sample config/database.yml"
+  # end
+
+  puts "\n== Preparing database =="
+  system "bin/rake db:setup"
+
+  puts "\n== Removing old logs and tempfiles =="
+  system "rm -f log/*"
+  system "rm -rf tmp/cache"
+
+  puts "\n== Restarting application server =="
+  system "touch tmp/restart.txt"
+end

data/test/dummy/config/application.rb

@@ -0,0 +1,38 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+Bundler.require(*Rails.groups)
+require "disco_app"
+
+module Dummy
+  class Application < Rails::Application
+    config.action_dispatch.default_headers['P3P'] = 'CP="Not used"'
+    config.action_dispatch.default_headers.delete('X-Frame-Options')
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # Set the default host for absolute URL routing purposes
+    routes.default_url_options[:host] = ENV['DEFAULT_HOST']
+
+    # Configure custom session storage
+    ActionDispatch::Session::ActiveRecordStore.session_class = DiscoApp::Session
+    ActiveRecord::SessionStore::Session.table_name = 'disco_app_sessions'
+
+    # Explicitly prevent real charges being created by default
+    config.x.shopify_charges_real = false
+
+    # Do not swallow errors in after_commit/after_rollback callbacks.
+    config.active_record.raise_in_transactional_callbacks = true
+  end
+end
+

data/test/dummy/config/boot.rb

@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)

data/test/dummy/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+#
+default: &default
+  adapter: sqlite3
+  pool: 5
+  timeout: 5000
+
+development:
+  <<: *default
+  database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  <<: *default
+  database: db/test.sqlite3
+
+production:
+  <<: *default
+  database: db/production.sqlite3

data/test/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the Rails application.
+require File.expand_path('../application', __FILE__)
+
+# Initialize the Rails application.
+Rails.application.initialize!

data/test/dummy/config/environments/development.rb

@@ -0,0 +1,41 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+end

data/test/dummy/config/environments/production.rb

@@ -0,0 +1,85 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # Use Sidekiq as the active job backend
+  config.active_job.queue_adapter = :sidekiq
+
+  # Allow real charges in production with an ENV variable
+  config.x.shopify_charges_real = ENV['SHOPIFY_CHARGES_REAL'] == 'true'
+
+  # Code is not reloaded between requests.
+  config.cache_classes = true
+
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Enable Rack::Cache to put a simple HTTP cache in front of your application
+  # Add `rack-cache` to your Gemfile before enabling this.
+  # For large-scale production use, consider using a caching reverse proxy like
+  # NGINX, varnish or squid.
+  # config.action_dispatch.rack_cache = true
+
+  # Disable serving static files from the `/public` folder by default since
+  # Apache or NGINX already handles this.
+  config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present?
+
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
+
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  config.assets.compile = false
+
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
+
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  config.force_ssl = true
+
+  # Use the lowest log level to ensure availability of diagnostic information
+  # when problems arise.
+  config.log_level = :debug
+
+  # Prepend all log lines with the following tags.
+  # config.log_tags = [ :subdomain, :uuid ]
+
+  # Use a different logger for distributed setups.
+  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+
+  # Use a different cache store in production.
+  # config.cache_store = :mem_cache_store
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = 'http://assets.example.com'
+
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation cannot be found).
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners.
+  config.active_support.deprecation = :notify
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
+end

data/test/dummy/config/environments/test.rb

@@ -0,0 +1,42 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # The test environment is used exclusively to run your application's
+  # test suite. You never need to work with it otherwise. Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs. Don't rely on the data there!
+  config.cache_classes = true
+
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
+
+  # Configure static file server for tests with Cache-Control for performance.
+  config.serve_static_files   = true
+  config.static_cache_control = 'public, max-age=3600'
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates.
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment.
+  config.action_controller.allow_forgery_protection = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Randomize the order test cases are executed.
+  config.active_support.test_order = :random
+
+  # Print deprecation notices to the stderr.
+  config.active_support.deprecation = :stderr
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+end

data/test/dummy/config/initializers/assets.rb

@@ -0,0 +1,11 @@
+# Be sure to restart your server when you modify this file.
+
+# Version of your assets, change this if you want to expire all your assets.
+Rails.application.config.assets.version = '1.0'
+
+# Add additional assets to the asset load path
+# Rails.application.config.assets.paths << Emoji.images_path
+
+# Precompile additional assets.
+# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
+# Rails.application.config.assets.precompile += %w( search.js )

data/test/dummy/config/initializers/backtrace_silencers.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!

data/test/dummy/config/initializers/cookies_serializer.rb

@@ -0,0 +1,3 @@
+# Be sure to restart your server when you modify this file.
+
+Rails.application.config.action_dispatch.cookies_serializer = :json

data/test/dummy/config/initializers/disco_app.rb

@@ -0,0 +1,14 @@
+DiscoApp::Engine.routes.default_url_options[:host] = ENV['DEFAULT_HOST']
+
+DiscoApp.configure do |config|
+  # Required configuration.
+  config.app_name = ENV['SHOPIFY_APP_NAME']
+
+  # Set the below if using an application proxy.
+  config.app_proxy_prefix = ENV['SHOPIFY_APP_PROXY_PREFIX']
+
+  # Optional configuration, usually useful for development environments.
+  config.skip_proxy_verification = ENV['SKIP_PROXY_VERIFICATION']
+  config.skip_webhook_verification = ENV['SKIP_WEBHOOK_VERIFICATION']
+  config.skip_carrier_request_verification = ENV['SKIP_CARRIER_REQUEST_VERIFICATION']
+end

data/test/dummy/config/initializers/filter_parameter_logging.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure sensitive parameters which will be filtered from the log file.
+Rails.application.config.filter_parameters += [:password]

data/test/dummy/config/initializers/inflections.rb

@@ -0,0 +1,16 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+#   inflect.acronym 'RESTful'
+# end

data/test/dummy/config/initializers/mime_types.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf

data/test/dummy/config/initializers/omniauth.rb

@@ -0,0 +1,9 @@
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :shopify,
+    ShopifyApp.configuration.api_key,
+    ShopifyApp.configuration.secret,
+
+    :redirect_uri => ShopifyApp.configuration.redirect_uri,
+
+    :scope => ShopifyApp.configuration.scope
+end

data/test/dummy/config/initializers/session_store.rb

@@ -0,0 +1,2 @@
+# Use an ActiveRecord-based session store.
+Rails.application.config.session_store :active_record_store, :key => '_disco_app_session'

data/test/dummy/config/initializers/shopify_app.rb

@@ -0,0 +1,7 @@
+ShopifyApp.configure do |config|
+  config.api_key = ENV['SHOPIFY_APP_API_KEY']
+  config.secret = ENV['SHOPIFY_APP_SECRET']
+  config.redirect_uri = ENV['SHOPIFY_APP_REDIRECT_URI']
+  config.scope = ENV['SHOPIFY_APP_SCOPE']
+  config.embedded_app = true
+end

data/test/dummy/config/initializers/shopify_session_repository.rb

@@ -0,0 +1,7 @@
+if Rails.configuration.cache_classes
+  ShopifyApp::SessionRepository.storage = DiscoApp::SessionStorage
+else
+  ActionDispatch::Reloader.to_prepare do
+    ShopifyApp::SessionRepository.storage = DiscoApp::SessionStorage
+  end
+end

data/test/dummy/config/initializers/wrap_parameters.rb

@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+  wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
+end
+
+# To enable root element in JSON for ActiveRecord objects.
+# ActiveSupport.on_load(:active_record) do
+#  self.include_root_in_json = true
+# end

data/test/dummy/config/locales/en.yml

@@ -0,0 +1,23 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+#     I18n.t 'hello'
+#
+# In views, this is aliased to just `t`:
+#
+#     <%= t('hello') %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+#     I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# To learn more, please read the Rails Internationalization guide
+# available at http://guides.rubyonrails.org/i18n.html.
+
+en:
+  hello: "Hello world"

data/test/dummy/config/routes.rb

@@ -0,0 +1,10 @@
+Rails.application.routes.draw do
+
+  root to: 'home#index'
+
+  get '/proxy', to: 'proxy#index'
+
+  mount ShopifyApp::Engine, at: '/'
+  mount DiscoApp::Engine, at: '/'
+
+end

data/test/dummy/config/secrets.yml

@@ -0,0 +1,22 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key is used for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+# You can use `rake secret` to generate a secure secret key.
+
+# Make sure the secrets in this file are kept private
+# if you're sharing your code publicly.
+
+development:
+  secret_key_base: 0cddddfcccc53c82114d3f0c81ce603461c02d1ff661b2508e599f408416b4fe7525cfe0c91e2bf84cacc5c72daa2e6836ef2e8af05d2bb138e116713da7db24
+
+test:
+  secret_key_base: fbdd6a5a671bb1d6592648b96321f95b115b25ef198cdb5147c5ad48c0a349dcd5346a6a72ac0d3c4d13dcf16bc052c7ef2ec08254f0a519b78bedb4a6bc0d96
+
+# Do not keep production secrets in the repository,
+# instead read values from the environment.
+production:
+  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>

data/test/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment', __FILE__)
+run Rails.application