discourse_dev 0.0.9 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3c041cf9d05c586e547562729b749c5f86bc388a8311cd2a12fbb48e6ef3d56f
-  data.tar.gz: 69ddc047893ac6f4deeaf5f723eceb4317f6ba17a9d7b18bccfe520455286e76
+  metadata.gz: ee90422d22b330921c72be89d86be91edf94966537d869c06efb2687762853f4
+  data.tar.gz: cb5b3d27e5a93011c2ef10ff77d73b5393ed9a1f04a7efb538ef2f6a67776e12
 SHA512:
-  metadata.gz: afcf13989b8677fe40aa5c80201d6b8fcc77bd1f7465bc03d8fbce153d009b2efd9a71de72f5950820d5f7b275ec7bbff16bed5d7b43c7264af02a382aa3b54f
-  data.tar.gz: dbad0056c7af12f508f623b7ddaac2ffbf04c452fb26580d257822fc34d990146cf4722375450934de3b78e2ec8e5f70f594e52764e3c68f6448f9c78eb71181
+  metadata.gz: 396e17d2e66c01d8a8e75381bd3a36264ddfc7d01ffc1dc3a578ee938a328805b35eda592d603388d38cba278a9c089a7a71a2ea03ba67a5bc3c30130b94a37a
+  data.tar.gz: b8fe74f3a03140cad606e9479b043e30b23c7eaf9b1f098e06613ad7c8662b3c742aab901e03965e64c0dfa0110b6c7cfa7a2a77d97e8e97b1cda63ac4c6e0db

data/auth/app/views/fake_discourse_connect/form.html.erb

@@ -0,0 +1,120 @@
+<%# Layout/CSS borrowed from Omniauth's Form system %>
+<!DOCTYPE html>
+<html>
+   <head>
+      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+      <title>Fake DiscourseConnect Provider</title>
+      <style type='text/css'>
+        body {
+          background: #ccc;
+          font-family: "Lucida Grande", "Lucida Sans", Helvetica, Arial, sans-serif;
+        }
+
+        h1 {
+          text-align: center;
+          margin: 30px auto 0px;
+          font-size: 18px;
+          padding: 10px 10px 15px;
+          background: #555;
+          color: white;
+          width: 320px;
+          border: 10px solid #444;
+          border-bottom: 0;
+          -moz-border-radius-topleft: 10px;
+          -moz-border-radius-topright: 10px;
+          -webkit-border-top-left-radius: 10px;
+          -webkit-border-top-right-radius: 10px;
+          border-top-left-radius: 10px;
+          border-top-right-radius: 10px;
+        }
+
+        h1,
+        form {
+          -moz-box-shadow: 2px 2px 7px rgba(0, 0, 0, 0.3);
+          -webkit-box-shadow: 2px 2px 7px rgba(0, 0, 0, 0.3);
+        }
+
+        form {
+          background: white;
+          border: 10px solid #eee;
+          border-top: 0;
+          padding: 20px;
+          margin: 0px auto 40px;
+          width: 300px;
+          -moz-border-radius-bottomleft: 10px;
+          -moz-border-radius-bottomright: 10px;
+          -webkit-border-bottom-left-radius: 10px;
+          -webkit-border-bottom-right-radius: 10px;
+          border-bottom-left-radius: 10px;
+          border-bottom-right-radius: 10px;
+        }
+
+        label {
+          display: block;
+          font-weight: bold;
+          margin-bottom: 5px;
+        }
+
+        input, select {
+          font-size: 18px;
+          padding: 4px 8px;
+          display: block;
+          margin-bottom: 10px;
+          width: 280px;
+        }
+
+        select {
+          width: calc(280px + 20px);
+        }
+
+        button {
+          font-size: 22px;
+          padding: 4px 8px;
+          display: block;
+          margin: 20px auto 0;
+        }
+
+        fieldset {
+          border: 1px solid #ccc;
+          border-left: 0;
+          border-right: 0;
+          padding: 10px 0;
+        }
+
+        fieldset input {
+          width: 260px;
+          font-size: 16px;
+        }
+
+        details summary {
+          cursor: pointer;
+          margin-bottom: 10px;
+        }
+      </style>
+   </head>
+   <body>
+      <h1>Fake DiscourseConnect Provider</h1>
+      <form method='post' noValidate='noValidate'>
+        <input type='hidden' name='sso_payload' value='<%= @payload %>'/>
+        <% @simple_fields.each do |f| %>
+          <label for='<%= f %>'><%= f %>:</label><input type='text' id='<%= f %>' name='<%= f %>' value='<%= @defaults[f] %>'/>
+        <% end %>
+        <details>
+          <summary>Advanced</summary>
+          <% @advanced_fields.each do |f| %>
+            <% if @bools.include? f %>
+              <label for='<%= f %>'><%= f %>:</label>
+              <select name="<%= f %>" id="<%= f %>">
+                <% ["", "true", "false"].each do |opt| %>
+                  <option <%= "selected" if @defaults[f] == opt %> value="<%= opt %>"><%= opt %></option>
+                <% end %>
+              </select>
+            <% else %>
+              <label for='<%= f %>'><%= f %>:</label><input type='text' id='<%= f %>' name='<%= f %>' value='<%= @defaults[f] %>'/>
+            <% end %>
+          <% end %>
+        </details>
+        <button type='submit'>Go</button>
+      </form>
+   </body>
+</html>

data/auth/plugin.rb

@@ -0,0 +1,220 @@
+# frozen_string_literal: true
+
+# name: discourse-development-auth
+# about: A fake authentication provider for development puposes only
+# version: 1.0
+# authors: David Taylor
+# url: https://github.com/discourse/discourse-development-auth
+
+raise "discourse-development-auth is highly insecure and should not be installed in production" if Rails.env.production?
+
+PLUGIN_NAME = "discourse-development-auth"
+
+module ::OmniAuth
+  module Strategies
+    class Development
+      include ::OmniAuth::Strategy
+
+      FIELDS = %w{
+        uid
+        name
+        email
+        email_verified
+        nickname
+        first_name
+        last_name
+        location
+        description
+        image
+      }
+
+      COOKIE = "development-auth-defaults"
+
+      def request_phase
+        return unless is_allowed?
+        if (env['REQUEST_METHOD'] == 'POST') && (request.params['uid'])
+          data = request.params.slice(*FIELDS)
+
+          r = Rack::Response.new
+          r.set_cookie(COOKIE, {value: data.to_json, path: "/", expires: 1.month.from_now})
+
+          uri = URI.parse(callback_path)
+          uri.query = URI.encode_www_form(data)
+          r.redirect(uri)
+
+          return r.finish
+        end
+
+        build_form.to_response
+      end
+
+      def build_form
+        token = begin
+          verifier = CSRFTokenVerifier.new
+          verifier.call(env)
+          verifier.form_authenticity_token
+        end
+
+        request = Rack::Request.new(env)
+        raw_defaults = request.cookies[COOKIE] || "{}"
+        defaults = JSON.parse(raw_defaults) rescue {}
+        defaults["uid"] = SecureRandom.hex(8) unless defaults["uid"].present?
+        defaults["email_verified"] = "true" unless defaults["email_verified"].present?
+
+        OmniAuth::Form.build(:title => "Fake Authentication Provider") do
+          html "\n<input type='hidden' name='authenticity_token' value='#{token}'/>"
+
+          FIELDS.each do |f|
+            label_field(f, f)
+            if f == "email_verified"
+              html "<input type='checkbox' id='#{f}' name='#{f}' value='true' #{"checked" if defaults[f] == "true"}/>"
+            else
+              html "<input type='text' id='#{f}' name='#{f}' value='#{defaults[f]}'/>"
+            end
+          end
+        end
+      end
+
+      def callback_phase
+        return unless is_allowed?
+        super
+      end
+
+      def auth_hash
+        info = request.params.slice(*FIELDS)
+        uid = info.delete("uid")
+        email_verified = (info.delete("email_verified") == "true")
+        OmniAuth::Utils.deep_merge(super, {
+          'uid' => uid,
+          'info' => info,
+          'extra' => { "raw_info" => { "email_verified" => email_verified } }
+        })
+      end
+
+      def is_allowed?
+        return true if DiscourseDev.config.allow_anonymous_to_impersonate
+        fail!("Enable `allow_anonymous_to_impersonate` setting in `config/dev.yml` file.")
+        false
+      end
+    end
+  end
+end
+
+class DevelopmentAuthenticator < Auth::ManagedAuthenticator
+  def name
+    'developmentauth'
+  end
+
+  def can_revoke?
+    true
+  end
+
+  def can_connect_existing_user?
+    true
+  end
+
+  def enabled?
+    DiscourseDev.auth_plugin_enabled?
+  end
+
+  def register_middleware(omniauth)
+    omniauth.provider :development, name: :developmentauth
+  end
+
+  def primary_email_verified?(auth)
+    auth['extra']['raw_info']['email_verified']
+  end
+end
+
+auth_provider authenticator: DevelopmentAuthenticator.new
+
+
+### DiscourseConnect
+after_initialize do
+  module ::DevelopmentAuth
+    class Engine < ::Rails::Engine
+      engine_name PLUGIN_NAME
+      isolate_namespace ::DevelopmentAuth
+    end
+  end
+
+  class ::DevelopmentAuth::FakeDiscourseConnectController < ::ApplicationController
+    requires_plugin "discourse-development-auth"
+
+    skip_before_action :check_xhr, :preload_json, :redirect_to_login_if_required, :verify_authenticity_token
+
+    SIMPLE_FIELDS = %w{
+      external_id
+      email
+      username
+      name
+    }
+    ADVANCED_FIELDS = SingleSignOn::ACCESSORS.map(&:to_s) - SIMPLE_FIELDS
+    FIELDS = SIMPLE_FIELDS + ADVANCED_FIELDS
+
+    BOOLS = SingleSignOn::BOOLS.map(&:to_s)
+
+    COOKIE = "development-auth-discourseconnect-defaults"
+
+    def auth
+      return unless is_allowed?
+
+      params.require(:sso)
+      @payload = request.query_string
+      sso = SingleSignOn.parse(@payload, SiteSetting.discourse_connect_secret)
+
+      if request.method == "POST" && params[:external_id]
+        data = {}
+        FIELDS.each do |f|
+          sso.send(:"#{f}=", params[f])
+          data[f] = params[f]
+          cookies[COOKIE] = { value: data.to_json, path: "/", expires: 1.month.from_now }
+        end
+
+        return redirect_to sso.to_url(sso.return_sso_url)
+      end
+
+      raw_defaults = cookies[COOKIE] || "{}"
+      @defaults = JSON.parse(raw_defaults) rescue {}
+      @defaults["return_sso_url"] = sso.return_sso_url
+      @defaults["nonce"] = sso.nonce
+      @defaults["external_id"] = SecureRandom.hex(8) unless @defaults["external_id"].present?
+      render_form
+    end
+
+    private
+
+    def render_form
+      @simple_fields = SIMPLE_FIELDS
+      @advanced_fields = ADVANCED_FIELDS
+      @bools = BOOLS
+      append_view_path(File.expand_path("../app/views", __FILE__))
+      render template: "fake_discourse_connect/form", layout: false
+    end
+  end 
+
+  DevelopmentAuth::Engine.routes.draw do
+    get "/fake-discourse-connect" => "fake_discourse_connect#auth"
+    post "/fake-discourse-connect" => "fake_discourse_connect#auth"
+  end
+
+  Discourse::Application.routes.append do
+    mount ::DevelopmentAuth::Engine, at: "/development-auth"
+  end
+
+  DiscourseSingleSignOn.singleton_class.prepend(Module.new do
+    def sso_url
+      if DiscourseDev.auth_plugin_enabled?
+        return "#{Discourse.base_path}/development-auth/fake-discourse-connect"
+      end
+      super
+    end
+  end)
+
+  EnableSsoValidator.prepend(Module.new do
+    def valid_value?(val)
+      return true if DiscourseDev.auth_plugin_enabled?
+      super
+    end
+  end)
+end

data/{lib/discourse_dev/config.yml → config/dev.yml}

@@ -4,3 +4,8 @@ site_settings:
 seed: 1
 start_date: "01/01/2020"
 max_likes_count: 10
+auth_plugin_enabled: true
+allow_anonymous_to_impersonate: false
+new_user:
+   username: new_user
+   email: new_user@example.com

data/config/locales/client.en.yml

@@ -0,0 +1,6 @@
+en:
+  js:
+    login:
+      developmentauth:
+        title: DevelopmentAuth
+        name: DevelopmentAuth

data/lib/discourse_dev.rb

@@ -4,16 +4,40 @@ require 'i18n'
 
 Dir[File.dirname(__FILE__) + '/**/*.rb'].each {|file| require file }
 
-I18n.load_path += Dir[File.join(__dir__, 'faker', 'locales', '**/*.yml')]
-I18n.reload! if I18n.backend.initialized?
-
 module DiscourseDev
   require 'discourse_dev/railtie'
   require 'discourse_dev/engine'
 
+  def self.auth_plugin_enabled?
+    config.auth_plugin_enabled
+  end
+
   def self.config
     @config ||= Config.new
   end
+
+  def self.auth_plugin
+    return unless auth_plugin_enabled?
+
+    @auth_plugin ||= begin
+      path = File.join(root, 'auth', 'plugin.rb')
+      source = File.read(path)
+      metadata = Plugin::Metadata.parse(source)
+      Plugin::Instance.new(metadata, path)
+    end
+  end
+
+  def self.settings_file
+    File.join(root, "config", "settings.yml")
+  end
+
+  def self.client_locale_files(locale_str)
+    Dir[File.join(root, "config", "locales", "client*.#{locale_str}.yml")]
+  end
+
+  def self.root
+    File.expand_path("..", __dir__)
+  end
 end
 
 require "active_record/database_configurations"

data/lib/discourse_dev/config.rb

@@ -1,14 +1,15 @@
 # frozen_string_literal: true
 
 require 'rails'
+require 'highline/import'
 
 module DiscourseDev
   class Config
-    attr_reader :config, :default_config
+    attr_reader :config, :default_config, :file_path
 
     def initialize
-      default_file_path = File.join(File.expand_path(__dir__), "config.yml")
-      file_path = File.join(Rails.root, "config", "dev.yml")
+      default_file_path = File.join(DiscourseDev.root, "config", "dev.yml")
+      @file_path = File.join(Rails.root, "config", "dev.yml")
       @default_config = YAML.load_file(default_file_path)
 
       if File.exists?(file_path)
@@ -23,6 +24,7 @@ module DiscourseDev
     def update!
       update_site_settings
       create_admin_user
+      create_new_user
       set_seed
     end
 
@@ -54,21 +56,24 @@ module DiscourseDev
       settings = config["admin"]
 
       if settings.present?
-        email = settings["email"]
+        create_admin_user_from_settings(settings)
+      else
+        create_admin_user_from_input
+      end
+    end
+
+    def create_new_user
+      settings = config["new_user"]
+
+      if settings.present?
+        email = settings["email"] || "new_user@example.com"
 
-        admin = ::User.create!(
+        new_user = ::User.create!(
           email: email,
-          username: settings["username"] || UserNameSuggester.suggest(email),
-          password: settings["password"]
+          username: settings["username"] || UserNameSuggester.suggest(email)
         )
-        admin.grant_admin!
-        if admin.trust_level < 1
-          admin.change_trust_level!(1)
-        end
-        admin.email_tokens.update_all confirmed: true
-        admin.activate
-      else
-        Rake::Task['admin:create'].invoke
+        new_user.email_tokens.update_all confirmed: true
+        new_user.activate
       end
     end
 
@@ -83,7 +88,69 @@ module DiscourseDev
 
     def method_missing(name)
       name = name.to_s
-      config[name] || default_config[name]
+      return config[name] if config.keys.include?(name)
+      default_config[name]
+    end
+
+    def create_admin_user_from_settings(settings)
+      email = settings["email"]
+
+      admin = ::User.create!(
+        email: email,
+        username: settings["username"] || UserNameSuggester.suggest(email),
+        password: settings["password"]
+      )
+      admin.grant_admin!
+      if admin.trust_level < 1
+        admin.change_trust_level!(1)
+      end
+      admin.email_tokens.update_all confirmed: true
+      admin.activate
+    end
+
+    def create_admin_user_from_input
+      begin
+        email = ask("Email:  ")
+        password = ask("Password (optional, press ENTER to skip):  ")
+        username = UserNameSuggester.suggest(email)
+
+        admin = ::User.new(
+          email: email,
+          username: username
+        )
+
+        if password.present?
+          admin.password = password
+        else
+          puts "Once site is running use https://localhost:9292/user/#{username}/become to access the account in development"
+        end
+
+        admin.name = ask("Full name:  ") if SiteSetting.full_name_required
+        saved = admin.save
+
+        if saved
+          File.open(file_path, 'a') do | file|
+            file.puts("admin:")
+            file.puts("  username: #{admin.username}")
+            file.puts("  email: #{admin.email}")
+            file.puts("  password: #{password}") if password.present?
+          end
+        else
+          say(admin.errors.full_messages.join("\n"))
+        end
+      end while !saved
+
+      admin.active = true
+      admin.save
+
+      admin.grant_admin!
+      if admin.trust_level < 1
+        admin.change_trust_level!(1)
+      end
+      admin.email_tokens.update_all confirmed: true
+      admin.activate
+
+      say("\nAdmin account created successfully with username #{admin.username}")
     end
   end
 end

data/lib/discourse_dev/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module DiscourseDev
-  VERSION = "0.0.9"
+  VERSION = "0.1.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: discourse_dev
 version: !ruby/object:Gem::Version
-  version: 0.0.9
+  version: 0.1.0
 platform: ruby
 authors:
 - Vinoth Kannan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-04-09 00:00:00.000000000 Z
+date: 2021-04-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faker
@@ -65,6 +65,8 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- auth/app/views/fake_discourse_connect/form.html.erb
+- auth/plugin.rb
 - avatars/03F55412-DE8A-4F83-AAA6-D67EE5CE48DA-200w.jpeg
 - avatars/1C4EEDC2-FE9C-40B3-A2C9-A038873EE692-200w.jpeg
 - avatars/26CFEFB3-21C8-49FC-8C19-8E6A62B6D2E0-200w.jpeg
@@ -78,12 +80,14 @@ files:
 - avatars/BA0CB1F2-8C79-4376-B13B-DD5FB8772537-200w.jpeg
 - avatars/E0B4CAB3-F491-4322-BEF2-208B46748D4A-200w.jpeg
 - avatars/FBEBF655-4886-455A-A4A4-D62B77DD419B-200w.jpeg
+- config/dev.yml
+- config/locales/client.en.yml
+- config/locales/faker.en.yml
 - config/routes.rb
 - discourse_dev.gemspec
 - lib/discourse_dev.rb
 - lib/discourse_dev/category.rb
 - lib/discourse_dev/config.rb
-- lib/discourse_dev/config.yml
 - lib/discourse_dev/engine.rb
 - lib/discourse_dev/group.rb
 - lib/discourse_dev/post.rb
@@ -96,7 +100,6 @@ files:
 - lib/discourse_dev/user.rb
 - lib/discourse_dev/version.rb
 - lib/faker/discourse.rb
-- lib/faker/locales/en.yml
 homepage: https://github.com/discourse/discourse_dev
 licenses:
 - MIT