RubyGems - ditty - Versions diffs - 0.7.2 → 0.8.0 - Mend

ditty 0.7.2 → 0.8.0

Files changed (72) hide show

checksums.yaml +4 -4
data/.rubocop.yml +4 -7
data/.travis.yml +5 -5
data/Gemfile.ci +2 -0
data/Rakefile +4 -3
data/Readme.md +24 -2
data/ditty.gemspec +4 -3
data/lib/ditty.rb +24 -0
data/lib/ditty/cli.rb +6 -2
data/lib/ditty/components/app.rb +10 -1
data/lib/ditty/controllers/application.rb +72 -10
data/lib/ditty/controllers/audit_logs.rb +1 -5
data/lib/ditty/controllers/auth.rb +37 -17
data/lib/ditty/controllers/component.rb +15 -5
data/lib/ditty/controllers/main.rb +1 -5
data/lib/ditty/controllers/roles.rb +2 -5
data/lib/ditty/controllers/user_login_traits.rb +18 -0
data/lib/ditty/controllers/users.rb +4 -9
data/lib/ditty/db.rb +3 -1
data/lib/ditty/emails/base.rb +13 -4
data/lib/ditty/helpers/authentication.rb +6 -5
data/lib/ditty/helpers/component.rb +9 -1
data/lib/ditty/helpers/response.rb +24 -3
data/lib/ditty/helpers/views.rb +20 -0
data/lib/ditty/listener.rb +38 -10
data/lib/ditty/middleware/accept_extension.rb +2 -0
data/lib/ditty/middleware/error_catchall.rb +2 -0
data/lib/ditty/models/audit_log.rb +1 -0
data/lib/ditty/models/base.rb +4 -0
data/lib/ditty/models/identity.rb +3 -0
data/lib/ditty/models/role.rb +1 -0
data/lib/ditty/models/user.rb +9 -1
data/lib/ditty/models/user_login_trait.rb +17 -0
data/lib/ditty/policies/audit_log_policy.rb +6 -6
data/lib/ditty/policies/role_policy.rb +2 -2
data/lib/ditty/policies/user_login_trait_policy.rb +45 -0
data/lib/ditty/policies/user_policy.rb +2 -2
data/lib/ditty/rubocop.rb +3 -0
data/lib/ditty/seed.rb +2 -0
data/lib/ditty/services/authentication.rb +7 -2
data/lib/ditty/services/email.rb +8 -2
data/lib/ditty/services/logger.rb +11 -0
data/lib/ditty/services/pagination_wrapper.rb +2 -0
data/lib/ditty/services/settings.rb +14 -3
data/lib/ditty/tasks/ditty.rake +109 -0
data/lib/ditty/tasks/omniauth-ldap.rake +43 -0
data/lib/ditty/version.rb +1 -1
data/lib/rubocop/cop/ditty/call_services_directly.rb +42 -0
data/migrate/20181209_add_user_login_traits.rb +16 -0
data/migrate/20181209_extend_audit_log.rb +12 -0
data/views/403.haml +2 -0
data/views/audit_logs/index.haml +11 -6
data/views/auth/ldap.haml +17 -0
data/views/emails/forgot_password.haml +1 -1
data/views/emails/layouts/action.haml +10 -6
data/views/emails/layouts/alert.haml +2 -1
data/views/emails/layouts/billing.haml +2 -1
data/views/error.haml +8 -3
data/views/partials/form_control.haml +24 -20
data/views/partials/navbar.haml +11 -12
data/views/partials/sidebar.haml +1 -1
data/views/roles/index.haml +2 -0
data/views/user_login_traits/display.haml +32 -0
data/views/user_login_traits/edit.haml +10 -0
data/views/user_login_traits/form.haml +5 -0
data/views/user_login_traits/index.haml +30 -0
data/views/user_login_traits/new.haml +10 -0
data/views/users/display.haml +1 -1
data/views/users/login_traits.haml +27 -0
data/views/users/profile.haml +2 -0
metadata +50 -21
data/lib/ditty/rake_tasks.rb +0 -102

data/lib/ditty/controllers/auth.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'ditty/controllers/application'
 require 'ditty/services/email'
 require 'securerandom'
@@ -6,48 +8,56 @@ module Ditty
   class Auth < Application
     set track_actions: true
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::Ditty::App.view_folder, name, engine, &block) # Basic Plugin
+    def redirect_path
+      return "#{settings.map_path}/" if omniauth_redirect_path.nil?
+      return "#{settings.map_path}/" if omniauth_redirect_path =~ %r{/#{settings.map_path}/auth/?}
+      omniauth_redirect_path
     end
-    def redirect_path
-      return "#{settings.map_path}/" unless env['omniauth.origin']
-      return "#{settings.map_path}/" if env['omniauth.origin'] =~ %r{/#{settings.map_path}/auth/?}
-      env['omniauth.origin']
+    def omniauth_redirect_path
+      env['omniauth.origin'] || request.session['omniauth.origin']
     end
     def omniauth_callback(provider)
       return failed_login unless env['omniauth.auth']
+      broadcast("before_#{provider}_login".to_sym, env['omniauth.auth'])
       user = User.first(email: env['omniauth.auth']['info']['email'])
-      user = register_user if user.nil? && ['ldap', 'google_oauth2'].include?(provider)
+      user = register_user if user.nil? && authorize(current_user, :register?)
       return failed_login if user.nil?
+      broadcast("#{provider}_login".to_sym, user)
       successful_login(user)
     end
     def failed_login
-      broadcast(:user_failed_login, target: self, details: "IP: #{request.ip}")
-      flash[:warning] = 'Invalid credentials. Please try again.'
+      details = params[:message] || 'None'
+      logger.warn "Invalid Login: #{details}"
+      broadcast(:user_failed_login, target: self, details: details)
+      flash[:warning] = 'Invalid credentials. Please try again'
+      headers 'X-Authentication-Failure' => params[:message] if params[:message]
       redirect "#{settings.map_path}/auth/login"
     end
     def successful_login(user)
       halt 200 if request.xhr?
       self.current_user = user
-      broadcast(:user_login, target: self, details: "IP: #{request.ip}")
+      broadcast(:user_login, target: self)
       flash[:success] = 'Logged In'
       redirect redirect_path
     end
     def register_user
       user = User.create(email: env['omniauth.auth']['info']['email'])
-      broadcast(:user_register, target: self, values: { user: user }, details: "IP: #{request.ip}")
+      broadcast(:user_register, target: self, values: { user: user })
       flash[:info] = 'Successfully Registered.'
       user
     end
     before '/login' do
       return if User.where(roles: Role.find_or_create(name: 'super_admin')).count.positive?
       flash[:info] = 'Please register the super admin user.'
       redirect "#{settings.map_path}/auth/register"
     end
@@ -55,10 +65,20 @@ module Ditty
     # TODO: Make this work for both LDAP and Identity
     get '/login' do
       authorize ::Ditty::Identity, :login
+      redirect settings.map_path if authenticated?
       haml :'auth/login', locals: { title: 'Log In' }
     end
+    # Custom login form for LDAP to allow CSRF checks. Set the `request_path` for
+    # the omniauth-ldap provider to another path so that this gest triggered
+    get '/ldap' do
+      authorize ::Ditty::Identity, :login
+      redirect settings.map_path if authenticated?
+      haml :'auth/ldap', locals: { title: 'Company Log In' }
+    end
     get '/forgot-password' do
       authorize ::Ditty::Identity, :forgot_password
@@ -92,7 +112,7 @@ module Ditty
       param :token, String, required: true
       identity = Identity[reset_token: params[:token]]
-      halt 404 unless identity && identity.reset_requested && identity.reset_requested > (Time.now - (24 * 60 * 60))
+      halt 404 unless identity&.reset_requested && identity.reset_requested > (Time.now - (24 * 60 * 60))
       haml :'auth/reset_password', locals: { title: 'Reset your password', identity: identity }
     end
@@ -107,11 +127,11 @@ module Ditty
       identity_params = permitted_attributes(Identity, :update)
       identity.set identity_params.merge(reset_token: nil, reset_requested: nil)
       if identity.valid? && identity.save
-        broadcast(:identity_update_password, target: self, details: "IP: #{request.ip}")
+        broadcast(:identity_update_password, target: self)
         flash[:success] = 'Password Updated'
         redirect "#{settings.map_path}/auth/login"
       else
-        broadcast(:identity_update_password_failed, target: self, details: "IP: #{request.ip}")
+        broadcast(:identity_update_password_failed, target: self)
         haml :'auth/reset_password', locals: { title: 'Reset your password', identity: identity }
       end
     end
@@ -135,7 +155,7 @@ module Ditty
         DB.transaction do
           user.save
           user.add_identity identity
-          broadcast(:user_register, target: self, values: { user: user }, details: "IP: #{request.ip}")
+          broadcast(:user_register, target: self, values: { user: user })
           flash[:info] = 'Successfully Registered. Please log in'
           redirect "#{settings.map_path}/auth/login"
         end
@@ -147,7 +167,7 @@ module Ditty
     # Logout Action
     delete '/' do
-      broadcast(:user_logout, target: self, details: "IP: #{request.ip}")
+      broadcast(:user_logout, target: self)
       logout
       halt 200 if request.xhr?

data/lib/ditty/controllers/component.rb CHANGED

@@ -13,6 +13,7 @@ module Ditty
     set dehumanized: nil
     set view_location: nil
     set track_actions: false
+    set heading: nil
     def read(id)
       dataset.first(settings.model_class.primary_key => id)
@@ -22,8 +23,15 @@ module Ditty
       @skip_verify = true
     end
+    def trigger(event, attribs = {})
+      attribs[:target] ||= self
+      send(event, attribs) if self.respond_to? event
+      broadcast(event, attribs)
+    end
     after do
       return if settings.environment == 'production'
       if (response.successful? || response.redirection?) && @skip_verify == false
         verify_authorized if settings.environment != 'production'
       end
@@ -31,6 +39,7 @@ module Ditty
     after '/' do
       return if settings.environment == 'production' || request.request_method != 'GET'
       verify_policy_scoped if (response.successful? || response.redirection?) && @skip_verify == false
     end
@@ -40,7 +49,8 @@ module Ditty
       result = list
-      broadcast(:component_list, target: self)
+      trigger :component_list
       list_response(result)
     end
@@ -62,7 +72,7 @@ module Ditty
       entity.db.transaction do
         entity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
-        broadcast(:component_create, target: self, entity: entity)
+        trigger :component_create, entity: entity
       end
       create_response(entity)
@@ -74,7 +84,7 @@ module Ditty
       halt 404 unless entity
       authorize entity, :read
-      broadcast(:component_read, target: self, entity: entity)
+      trigger :component_read, entity: entity
       read_response(entity)
     end
@@ -98,7 +108,7 @@ module Ditty
       entity.db.transaction do
         entity.set(permitted_attributes(settings.model_class, :update))
         entity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
-        broadcast(:component_update, target: self, entity: entity)
+        trigger :component_update, entity: entity
       end
       update_response(entity)
@@ -111,7 +121,7 @@ module Ditty
       entity.db.transaction do
         entity.destroy
-        broadcast(:component_delete, target: self, entity: entity)
+        trigger :component_delete, entity: entity
       end
       delete_response(entity)

data/lib/ditty/controllers/main.rb CHANGED

@@ -8,13 +8,9 @@ module Ditty
   class Main < Application
     set track_actions: true
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::Ditty::App.view_folder, name, engine, &block) # Basic Plugin
-    end
     before '/' do
       return if User.where(roles: Role.find_or_create(name: 'super_admin')).count.positive?
       flash[:info] = 'Please register the super admin user.'
       redirect "#{settings.map_path}/auth/register"
     end

data/lib/ditty/controllers/roles.rb CHANGED

@@ -6,11 +6,8 @@ require 'ditty/policies/role_policy'
 module Ditty
   class Roles < Ditty::Component
-    set model_class: Role
+    SEARCHABLE = %i[name].freeze
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::Ditty::App.view_folder, name, engine, &block) # Ditty
-    end
+    set model_class: Role
   end
 end

data/lib/ditty/controllers/user_login_traits.rb ADDED

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+require 'ditty/controllers/component'
+require 'ditty/models/user_login_trait'
+require 'ditty/policies/user_login_trait_policy'
+module Ditty
+  class UserLoginTraits < Ditty::Component
+    SEARCHABLE = %i[platform device browser ip_address].freeze
+    FILTERS = [
+      { name: :user, field: 'user.email' }
+    ].freeze
+    set base_path: 'login-traits'
+    set model_class: UserLoginTrait
+    # set track_actions: true
+  end
+end

data/lib/ditty/controllers/users.rb CHANGED

@@ -2,6 +2,7 @@
 require 'ditty/controllers/component'
 require 'ditty/models/user'
+require 'ditty/models/user_login_trait'
 require 'ditty/policies/user_policy'
 require 'ditty/models/identity'
 require 'ditty/policies/identity_policy'
@@ -13,11 +14,6 @@ module Ditty
     set model_class: User
     set track_actions: true
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::Ditty::App.view_folder, name, engine, &block) # Ditty
-    end
     # New
     get '/new' do
       authorize settings.model_class, :create
@@ -45,6 +41,7 @@ module Ditty
           identity.save
         rescue Sequel::ValidationFailed
           raise unless request.accept? 'text/html'
           status 400
           locals = { title: heading(:new), entity: user, identity: identity }
           return haml(:"#{view_location}/new", locals: locals)
@@ -52,10 +49,8 @@ module Ditty
         user.save
         user.add_identity identity
-        if roles
-          roles.each do |role_id|
-            user.add_role(role_id) unless user.roles.map(&:id).include? role_id.to_i
-          end
+        roles&.each do |role_id|
+          user.add_role(role_id) unless user.roles.map(&:id).include? role_id.to_i
         end
         user.check_roles
       end

data/lib/ditty/db.rb CHANGED

@@ -18,8 +18,10 @@ elsif ENV['DATABASE_URL'].blank? == false
   )
   DB.sql_log_level = (ENV['SEQUEL_LOGGING_LEVEL'] || :debug).to_sym
-  DB.loggers << Ditty::Services::Logger.instance
+  DB.loggers << Ditty::Services::Logger.instance if ENV['DB_DEBUG'].to_i == 1
   DB.extension(:pagination)
+  DB.extension(:schema_caching)
+  DB.load_schema_cache?('./config/schema.dump')
   Sequel::Model.plugin :validation_helpers
   Sequel::Model.plugin :update_or_create

data/lib/ditty/emails/base.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'haml'
 require 'ditty/components/app'
@@ -15,8 +17,11 @@ module Ditty
       def deliver!(to = nil, locals = {})
         options[:to] = to unless to.nil?
         @locals.merge!(locals)
-        %i[to from subject].each do |param|
-          mail.send(param, options[param]) if options[param]
+        %i[to from subject content_type].each do |param|
+          next unless options[param]
+          @locals[param] ||= options[param]
+          mail.send(param, options[param])
         end
         mail.body content
         mail.deliver!
@@ -24,6 +29,7 @@ module Ditty
       def method_missing(method, *args, &block)
         return super unless respond_to_missing?(method)
         mail.send(method, *args, &block)
       end
@@ -36,7 +42,8 @@ module Ditty
       def content
         result = Haml::Engine.new(content_haml).render(Object.new, locals)
         return result unless options[:layout]
-        Haml::Engine.new(layout_haml).render(Object.new, content: result)
+        Haml::Engine.new(layout_haml).render(Object.new, locals.merge(content: result))
       end
       def content_haml
@@ -52,14 +59,16 @@ module Ditty
       end
       def base_options
-        { subject: '(No Subject)', from: 'no-reply@ditty.io', view: :base }
+        { subject: '(No Subject)', from: 'no-reply@ditty.io', view: :base, content_type: 'text/html; charset=UTF-8' }
       end
       def find_template(file)
         template = File.expand_path("./views/#{file}.haml")
         return template if File.file? template
         template = File.expand_path("./#{file}.haml", App.view_folder)
         return template if File.file? template
         file
       end

data/lib/ditty/helpers/authentication.rb CHANGED

@@ -1,14 +1,13 @@
 # frozen_string_literal: true
 require 'ditty/models/user'
-require 'ditty/models/role'
-require 'ditty/models/identity'
 module Ditty
   module Helpers
     module Authentication
       def current_user
         return nil if current_user_id.nil?
         @current_user ||= User[current_user_id]
       end
@@ -19,8 +18,9 @@ module Ditty
       end
       def current_user_id
-        return env['rack.session']['user_id'] if env['rack.session']
-        env['omniauth.auth'].uid if env['omniauth.auth']
+        return env['rack.session']['user_id'] if env['rack.session'] && env['rack.session']['user_id']
+        env['omniauth.auth']&.uid
       end
       def authenticate
@@ -33,11 +33,12 @@ module Ditty
       def authenticate!
         raise NotAuthenticated unless authenticated?
         true
       end
       def logout
-        env['rack.session'].delete('user_id') unless env['rack.session'].nil?
+        env['rack.session']&.delete('user_id')
         env.delete('omniauth.auth')
       end
     end

data/lib/ditty/helpers/component.rb CHANGED

@@ -13,8 +13,10 @@ module Ditty
       # param :count, Integer, min: 1, default: 10 # Can't do this, since count can be `all`
       def check_count
         return 10 if params[:count].nil?
         count = params[:count].to_i
         return count if count >= 1
         excp = Sinatra::Param::InvalidParameterError.new 'Parameter cannot be less than 1'
         excp.param = :count
         raise excp
@@ -37,16 +39,18 @@ module Ditty
         ds = dataset
         ds = ds.dataset if ds.respond_to?(:dataset)
         return ds if params[:count] == 'all'
         params[:count] = check_count
         # Account for difference between sequel paginate and will paginate
         return ds.paginate(page: params[:page], per_page: params[:count]) if ds.is_a?(Array)
         ds.paginate(params[:page], params[:count])
       end
       def heading(action = nil)
         @headings ||= begin
-          heading = settings.model_class.to_s.demodulize.titleize
+          heading = settings.heading || settings.model_class.to_s.demodulize.singularize.titleize
           h = Hash.new(heading)
           h[:new] = "New #{heading}"
           h[:list] = pluralize heading
@@ -78,6 +82,7 @@ module Ditty
       def filters
         filter_fields.map do |filter|
           next if params[filter[:name]].blank?
           filter[:field] ||= filter[:name]
           filter[:modifier] ||= :to_s # TODO: Do this with Sinatra Param?
           filter
@@ -86,6 +91,7 @@ module Ditty
       def ordering
         return if params[:sort].blank?
         Sequel.send(params[:order].to_sym, params[:sort].to_sym)
       end
@@ -112,11 +118,13 @@ module Ditty
         assoc = filter[:field].to_s.split('.').first.to_sym
         assoc = settings.model_class.association_reflection(assoc)
         raise "Unknown association #{assoc}" if assoc.nil?
         assoc
       end
       def search_filters
         return [] if params[:q].blank?
         searchable_fields.map { |f| Sequel.ilike(f.to_sym, "%#{params[:q]}%") }
       end
     end