ditty 0.7.1 → 0.10.1

data/spec/support/crud_shared_examples.rb

@@ -0,0 +1,145 @@
+# frozen_string_literal: true
+
+shared_examples 'a CRUD Controller' do |route|
+  context 'GET' do
+    it '/doesnotexist' do
+      get '/doesnotexist'
+      expect(last_response).not_to be_ok
+      expect(last_response.status).to eq 404
+    end
+
+    it route.to_s do
+      model # Ensure that there's at least one item in the list
+      get '/'
+
+      if Pundit.policy(user, app.model_class).list?
+        expect(last_response).to be_ok, "Expected OK response, got #{last_response.status}"
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+
+    it "#{route}?count=1&page=1" do
+      model # Ensure that there's at least one item in the list
+      get '/?count=1&page=1'
+
+      if Pundit.policy(user, app.model_class).list?
+        expect(last_response).to be_ok, "Expected OK response, got #{last_response.status}"
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+
+    it "#{route}/new" do
+      get '/new'
+
+      if Pundit.policy(user, app.model_class).create?
+        expect(last_response).to be_ok, "Expected OK response, got #{last_response.status}"
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+
+    it "#{route}/id" do
+      get "/#{model.id}"
+
+      if Pundit.policy(user, model).read?
+        expect(last_response).to be_ok, "Expected OK response, got #{last_response.status}"
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+
+    it "#{route}/id/edit" do
+      get "/#{model.id}/edit"
+
+      if Pundit.policy(user, model).update?
+        expect(last_response).to be_ok, "Expected OK response, got #{last_response.status}"
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+  end
+
+  context 'POST' do
+    it '/doesnotexist' do
+      header 'Accept', 'text/html'
+      post '/doesnotexist'
+      expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      expect(last_response.status).to eq 404
+    end
+
+    it route.to_s do
+      header 'Accept', 'text/html'
+      post '/', create_data
+
+      if Pundit.policy(user, app.model_class).create?
+        expect(last_response.status).to eq 302
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+
+    it "#{route} with invalid parameters" do
+      header 'Accept', 'text/html'
+      header 'Content-Type', 'application/x-www-form-urlencoded'
+      post '/', invalid_create_data
+
+      if Pundit.policy(user, app.model_class).create?
+        expect(last_response.status).to eq 400
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+  end
+
+  context 'PUT' do
+    it '/doesnotexist' do
+      header 'Accept', 'text/html'
+      put '/doesnotexist'
+      expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      expect(last_response.status).to eq 404
+    end
+
+    it "#{route}/:id" do
+      header 'Accept', 'text/html'
+      put "/#{model.id}", update_data
+
+      if Pundit.policy(user, model).update?
+        expect(last_response.status).to eq 302
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+
+    it "#{route} with invalid parameters" do
+      header 'Accept', 'text/html'
+      put "/#{model.id}", invalid_update_data
+
+      if Pundit.policy(user, model).update?
+        expect(last_response.status).to eq 400
+      else
+        expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      end
+    end
+  end
+
+  context 'DELETE' do
+    it '/doesnotexist' do
+      delete '/doesnotexist'
+      expect(last_response).not_to be_ok, "Expected a NOT OK response, got #{last_response.status}"
+      expect(last_response.status).to eq 404
+    end
+
+    it "#{route}/id" do
+      header 'Accept', 'text/html'
+      delete "/#{model.id}"
+
+      if Pundit.policy(user, model).delete?
+        expect(last_response.status).to eq 302
+      else
+        expect(last_response).not_to be_ok
+      end
+    end
+  end
+end

data/views/403.haml

@@ -0,0 +1,2 @@
+%p.lead.text-center
+  Your user is not allowed access to the requested URL.

data/views/404.haml

@@ -1,7 +1,5 @@
-%h2 Whoops!
-
-%p.lead
+%p.lead.text-center
   We could not find the page you were looking for...
 
 .text-center
-  %iframe{ width: 560, height: 315, src: 'https://www.youtube.com/embed/e3-5YC_oHjE', frameborder: 0, allowfullscreen: true }
+  %iframe{ width: 560, height: 315, src: 'https://www.youtube.com/embed/e3-5YC_oHjE', frameborder: 0, allowfullscreen: true }

data/views/500.haml

@@ -0,0 +1,11 @@
+%p.lead.text-center
+  A call to Elasticsearch failed unexpectedly.
+
+- if current_user.admin?
+  %p
+    The error was:
+    %bt
+    = error.message
+  - if current_user.super_admin?
+    %pre
+      %code= error.backtrace.join("\n")

data/views/audit_logs/index.haml

@@ -1,32 +1,36 @@
 .row
   .col-md-12
-    .panel.panel-default
-      .panel-body
-        = haml :'partials/search'
-      %table.table.table-striped
-        %thead
-          %tr
-            %th User email
-            %th Action
-            %th Details
-            %th Created at
-        %tbody
-          - if list.count > 0
-            - list.all.each do |entity|
-              %tr
-                %td
-                  -if entity.user
-                    %a{ href: "#{settings.map_path}/users/#{entity.user.id}" }= entity.user.email
-                  -else
-                    None
-                %td
-                  = entity.action
-                %td
-                  = entity.details
-                %td
-                  = entity.created_at.strftime('%Y-%m-%d %H:%M:%S')
-          - else
+    = haml :'partials/search'
+    %table.table.table-striped.table-bordered.table-hover
+      %thead.thead-dark
+        %tr
+          %th= "User #{sort_ui(:user)}"
+          %th= "Action #{sort_ui(:action)}"
+          %th= "Details #{sort_ui(:details)}"
+          %th= "IP Address #{sort_ui(:ip_address)}"
+          %th= "Browser #{sort_ui(:browser)}"
+          %th= "Device #{sort_ui(:device)}"
+          %th= "Platform #{sort_ui(:platform)}"
+          %th= "Created At #{sort_ui(:created_at)}"
+      %tbody
+        - if list.count > 0
+          - list.all.each do |entity|
             %tr
-              %td.text-center{ colspan: 4 } No records
+              %td
+                -if entity.user
+                  %a{ href: "#{settings.map_path}/users/#{entity.user.id}" }= entity.user.email
+                -else
+                  None
+              %td= entity.action
+              %td= entity.details
+              %td= entity.ip_address || 'Unknown'
+              %td= entity.browser || 'Unknown'
+              %td= entity.device || 'Unknown'
+              %td= entity.platform || 'Unknown'
+              %td= entity.created_at&.strftime('%Y-%m-%d %H:%M:%S') || 'Unknown'
+        - else
+          %tr
+            %td.text-center{ colspan: 4 } No records
 
-=pagination(list, base_path)
+- if list.count > 0
+  = pagination(list, base_path)

data/views/auth/forgot_password.haml

@@ -1,16 +1,32 @@
-.row
-  .col-md-4
-  .col-md-4
-    .panel.panel-default
-      .panel-body
-        %p.text-center
-          Enter your email address and we will send you a link to reset your password if you've registered on the system.
-        = form_tag("#{settings.map_path}/auth/forgot-password") do
-          .form-group
-            .col-sm-12
-              %input.form-control{ name: 'email', type: 'text', placeholder: 'Enter your email address' }
-          .row.text-right
-            .col-md-12
-              %button.btn.btn-primary.btn-block{ type: 'submit' }
-                Email password reset link
-  .col-md-4
+.container
+  / Outer Row
+  .row.justify-content-center
+    .col-xl-10.col-lg-12.col-md-9
+      .card.card-default.o-hidden.border-0.shadow-lg.my-5
+        .card-body.p-0
+          / Nested Row within Card Body
+          .row
+            .col-lg-6.d-none.d-lg-block.bg-password-image
+            .col-lg-6
+              .p-5
+                .text-center
+                  %h1.h4.text-gray-900.mb-2
+                    Forgot Your Password?
+                  %p.mb-4
+                    We get it, stuff happens. Just enter your email address below and we'll send you a link to reset your password!
+                .small
+                  = haml :'partials/notifications'
+                = form_tag("#{settings.map_path}/auth/forgot-password", attributes: { class: 'user' }) do
+                  .form-group
+                    %input.form-control.form-control-user{ name: 'email', type: 'email',  placeholder: 'Enter Email Address...' }
+                  %button.btn.btn-primary.btn-user.btn-block{ type: 'submit' }
+                    Reset Password
+                %hr
+                - if policy(::Ditty::User).register?
+                  .text-center
+                    %a.small{ href: "#{settings.map_path}/auth/register" } Create an Account!
+                .text-center
+                  %a.small{ href: "#{settings.map_path}/auth/login" } Already have an account? Login!
+
+      .row.justify-content-center
+        .col-xl-10.col-lg-12.col-md-9

data/views/auth/identity.haml

@@ -1,15 +1,16 @@
-= form_tag("#{settings.map_path}/auth/identity/callback", attributes: { class: '' }) do
+= form_tag("#{settings.map_path}/auth/identity/callback", attributes: { class: 'user' }) do
   .form-group
-    %label.control-label Email
-    %input.form-control.border-input{ name: 'username', tabindex: '1' }
+    %input.form-control.form-control-user{ name: 'username', type: 'email', 'aria-describedby': 'emailHelp', placeholder: 'Enter Email Address...' }
   .form-group
-    %label.control-label{ style: 'display: block' }
-      Password
-      %a{ href: "#{settings.map_path}/auth/forgot-password", style: 'float: right', tabindex: '5' }
-        Forgot?
-    %input.form-control.border-input{ name: 'password', type: 'password', tabindex: '2' }
-  %button.btn.btn-primary{ type: 'submit', tabindex: '3' } Log In
-  - if policy(::Ditty::User).register?
-    .pull-right
-      No account yet?
-      %a.btn.btn-default{ href: "#{settings.map_path}/auth/register", tabindex: '4' } Register
+    %input.form-control.form-control-user{ name: 'password', type: 'password', placeholder: 'Password' }
+  / .form-group
+  /   .custom-control.custom-checkbox.small
+  /     <input type="checkbox" class="custom-control-input" id="customCheck">
+  /     <label class="custom-control-label" for="customCheck">Remember Me</label>
+  %button.btn.btn-primary.btn-user.btn-block{ type: 'submit' } Log In
+%hr
+.text-center
+  %a.small{ href: "#{settings.map_path}/auth/forgot-password" } Forgot Password?
+- if policy(::Ditty::User).register?
+  .text-center
+    %a.small{ href: "#{settings.map_path}/auth/register" } Create an Account!

data/views/auth/ldap.haml

@@ -0,0 +1,17 @@
+.row
+  .col-sm-2
+  .col-sm-8
+    .card.card-default.shadow
+      .card-body
+        = form_tag("#{settings.map_path}/auth/ldap/callback", attributes: { class: '' }) do
+          .form-group
+            %label.control-label Username
+            %input.form-control.border-input{ name: 'username', tabindex: '1' }
+          .form-group
+            %label.control-label{ style: 'display: block' }
+              Password
+            %input.form-control.border-input{ name: 'password', type: 'password', tabindex: '2' }
+          %button.btn.btn-primary{ type: 'submit', tabindex: '3' }
+            %i.fa.fa-building
+            Log In
+  .col-sm-2

data/views/auth/login.haml

@@ -1,18 +1,24 @@
-.row
-  .col-sm-2
-  .col-sm-8
-    .panel.panel-default
-      .panel-body
-        - if Ditty::Services::Authentication.provides? 'identity'
-          = haml :'auth/identity'
+.container
+  / Outer Row
+  .row.justify-content-center
+    .col-xl-10.col-lg-12.col-md-9
+      .card.card-default.o-hidden.border-0.shadow-lg.my-5
+        .card-body.p-0
+          / Nested Row within Card Body
           .row
-            .col-sm-12= " "
-        .row
-          .col-sm-8.col-sm-push-2
-            - Ditty::Services::Authentication.providers.each do |name|
-              - provider = Ditty::Services::Authentication[name]
-              - next if provider[:login_prompt].nil?
-              %a.btn.btn-block.btn-default{ href: "#{settings.map_path}/auth/#{name}" }
-                %i.fa{ class: "fa-#{provider[:icon] || 'key'}"}
-                = provider[:login_prompt]
-  .col-sm-2
+            .col-lg-6.d-none.d-lg-block.bg-login-image
+            .col-lg-6
+              .p-5
+                .text-center
+                  %h1.h4.text-gray-900.mb-4 Welcome Back!
+                .small
+                  = haml :'partials/notifications'
+                - ::Ditty::Services::Authentication.providers.each do |name|
+                  - provider = ::Ditty::Services::Authentication[name]
+                  - next if provider[:login_prompt].nil?
+                  %p
+                    %a.btn.btn-block.btn-secondary{ href: "#{settings.map_path}/auth/#{name}" }
+                      %i.fab.fw{ class: "fa-#{provider[:icon] || 'key'}"}
+                      = provider[:login_prompt]
+                - if ::Ditty::Services::Authentication.provides? 'identity'
+                  = haml :'auth/identity'

data/views/auth/register.haml

@@ -1,19 +1,21 @@
-/ TODO: How can we detect a google registration? Extra parameter to the callback? Or a custom callback page?
-.row
-  .col-md-2
-  .col-md-8
-    .panel.panel-default
-      .panel-body
-        - if Ditty::Services::Authentication.provides? 'identity'
-          = haml :'auth/register_identity', locals: { identity: identity }
-          .row
-            .col-sm-12= " "
-        .row
-          .col-sm-8.col-sm-push-2
-            - Ditty::Services::Authentication.providers.each do |name|
-              - provider = Ditty::Services::Authentication[name]
+.container
+  .card.card-default.o-hidden.border-0.shadow-lg.my-5
+    .card-body.p-0
+      / Nested Row within Card Body
+      .row
+        .col-lg-5.d-none.d-lg-block.bg-register-image
+        .col-lg-7
+          .p-5
+            .text-center
+              %h1.h4.text-gray-900.mb-4 Create an Account!
+            .small
+              = haml :'partials/notifications'
+            - ::Ditty::Services::Authentication.providers.each do |name|
+              - provider = ::Ditty::Services::Authentication[name]
               - next if provider[:register_prompt].nil?
-              %a.btn.btn-block.btn-default{ href: "#{settings.map_path}/auth/#{name}" }
-                %i.fa{ class: "fa-#{provider[:icon] || 'key'}"}
-                = provider[:register_prompt]
-  .col-md-2
+              %p
+                %a.btn.btn-user.btn-block{ href: "#{settings.map_path}/auth/#{name}", class: "btn-#{provider[:icon] || 'key'}" }
+                  %i.fab.fa-fw{ class: "fa-#{provider[:icon] || 'key'}"}
+                  = provider[:register_prompt]
+            - if ::Ditty::Services::Authentication.provides? 'identity'
+              = haml :'auth/register_identity', locals: { identity: identity }

data/views/auth/register_identity.haml

@@ -1,14 +1,29 @@
-= form_tag("#{settings.map_path}/auth/register/identity") do
-  = form_control(:username, identity, label: 'Email', placeholder: 'your@email.com')
-  = form_control(:password, identity, label: 'Password', type: :password)
-  = form_control(:password_confirmation, identity, label: 'Confirm Password', type: :password)
+- if identity.errors[:password] && identity.errors[:password].include?('is not strong enough')
+  .alert.alert-warning
+    %p Make sure your password is at least 8 characters long, and including the following
+    %ul
+      %li Upper- and lowercase letters
+      %li Numbers
+      %li Special Characters
 
-  - if identity.errors[:password] && identity.errors[:password].include?('is not strong enough')
-    .alert.alert-warning
-      %p Make sure your password is at least 8 characters long, and including the following
-      %ul
-        %li Upper- and lowercase letters
-        %li Numbers
-        %li Special Characters
+= form_tag("#{settings.map_path}/auth/register/identity", attributes: { class: 'user' }) do
+  .form-group
+    %input.form-control.form-control-user{ name: 'identity[username]', type: 'email', placeholder: 'Email Address', class: identity.errors[:username] ? 'is-invalid' : 'is-valid' }
+    - if identity.errors[:username]
+      .invalid-feedback= identity.errors[:username].join(', ')
+  .form-group.row
+    .col-sm-6.mb-3.mb-sm-0
+      %input.form-control.form-control-user{ name: 'identity[password]', type: 'password', placeholder: 'Password', class: identity.errors[:password] ? 'is-invalid' : 'is-valid' }
+      - if identity.errors[:password]
+        .invalid-feedback= identity.errors[:password].join(', ')
+    .col-sm-6
+      %input.form-control.form-control-user{ name: 'identity[password_confirmation]', type: 'password', placeholder: 'Repeat Password', class: identity.errors[:password_confirmation] ? 'is-invalid' : 'is-valid' }
+      - if identity.errors[:password_confirmation]
+        .invalid-feedback= identity.errors[:password_confirmation].join(', ')
 
-  %button.btn.btn-primary{ type: 'submit' } Register
+  %button.btn.btn-primary.btn-user.btn-block{ type: 'submit' } Register
+%hr
+.text-center
+  %a.small{ href: "#{settings.map_path}/auth/forgot-password" } Forgot Password?
+.text-center
+  %a.small{ href: "#{settings.map_path}/auth/login" } Already have an account? Login!