RubyGems - ditty - Versions diffs - 0.7.2 → 0.8.0 - Mend

ditty 0.7.2 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (72) hide show

checksums.yaml +4 -4
data/.rubocop.yml +4 -7
data/.travis.yml +5 -5
data/Gemfile.ci +2 -0
data/Rakefile +4 -3
data/Readme.md +24 -2
data/ditty.gemspec +4 -3
data/lib/ditty.rb +24 -0
data/lib/ditty/cli.rb +6 -2
data/lib/ditty/components/app.rb +10 -1
data/lib/ditty/controllers/application.rb +72 -10
data/lib/ditty/controllers/audit_logs.rb +1 -5
data/lib/ditty/controllers/auth.rb +37 -17
data/lib/ditty/controllers/component.rb +15 -5
data/lib/ditty/controllers/main.rb +1 -5
data/lib/ditty/controllers/roles.rb +2 -5
data/lib/ditty/controllers/user_login_traits.rb +18 -0
data/lib/ditty/controllers/users.rb +4 -9
data/lib/ditty/db.rb +3 -1
data/lib/ditty/emails/base.rb +13 -4
data/lib/ditty/helpers/authentication.rb +6 -5
data/lib/ditty/helpers/component.rb +9 -1
data/lib/ditty/helpers/response.rb +24 -3
data/lib/ditty/helpers/views.rb +20 -0
data/lib/ditty/listener.rb +38 -10
data/lib/ditty/middleware/accept_extension.rb +2 -0
data/lib/ditty/middleware/error_catchall.rb +2 -0
data/lib/ditty/models/audit_log.rb +1 -0
data/lib/ditty/models/base.rb +4 -0
data/lib/ditty/models/identity.rb +3 -0
data/lib/ditty/models/role.rb +1 -0
data/lib/ditty/models/user.rb +9 -1
data/lib/ditty/models/user_login_trait.rb +17 -0
data/lib/ditty/policies/audit_log_policy.rb +6 -6
data/lib/ditty/policies/role_policy.rb +2 -2
data/lib/ditty/policies/user_login_trait_policy.rb +45 -0
data/lib/ditty/policies/user_policy.rb +2 -2
data/lib/ditty/rubocop.rb +3 -0
data/lib/ditty/seed.rb +2 -0
data/lib/ditty/services/authentication.rb +7 -2
data/lib/ditty/services/email.rb +8 -2
data/lib/ditty/services/logger.rb +11 -0
data/lib/ditty/services/pagination_wrapper.rb +2 -0
data/lib/ditty/services/settings.rb +14 -3
data/lib/ditty/tasks/ditty.rake +109 -0
data/lib/ditty/tasks/omniauth-ldap.rake +43 -0
data/lib/ditty/version.rb +1 -1
data/lib/rubocop/cop/ditty/call_services_directly.rb +42 -0
data/migrate/20181209_add_user_login_traits.rb +16 -0
data/migrate/20181209_extend_audit_log.rb +12 -0
data/views/403.haml +2 -0
data/views/audit_logs/index.haml +11 -6
data/views/auth/ldap.haml +17 -0
data/views/emails/forgot_password.haml +1 -1
data/views/emails/layouts/action.haml +10 -6
data/views/emails/layouts/alert.haml +2 -1
data/views/emails/layouts/billing.haml +2 -1
data/views/error.haml +8 -3
data/views/partials/form_control.haml +24 -20
data/views/partials/navbar.haml +11 -12
data/views/partials/sidebar.haml +1 -1
data/views/roles/index.haml +2 -0
data/views/user_login_traits/display.haml +32 -0
data/views/user_login_traits/edit.haml +10 -0
data/views/user_login_traits/form.haml +5 -0
data/views/user_login_traits/index.haml +30 -0
data/views/user_login_traits/new.haml +10 -0
data/views/users/display.haml +1 -1
data/views/users/login_traits.haml +27 -0
data/views/users/profile.haml +2 -0
metadata +50 -21
data/lib/ditty/rake_tasks.rb +0 -102

data/lib/ditty/controllers/auth.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'ditty/controllers/application'
 require 'ditty/services/email'
 require 'securerandom'
@@ -6,48 +8,56 @@ module Ditty
   class Auth < Application
     set track_actions: true
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::Ditty::App.view_folder, name, engine, &block) # Basic Plugin
+    def redirect_path
+      return "#{settings.map_path}/" if omniauth_redirect_path.nil?
+      return "#{settings.map_path}/" if omniauth_redirect_path =~ %r{/#{settings.map_path}/auth/?}
+      omniauth_redirect_path
     end
-    def redirect_path
-      return "#{settings.map_path}/" unless env['omniauth.origin']
-      return "#{settings.map_path}/" if env['omniauth.origin'] =~ %r{/#{settings.map_path}/auth/?}
-      env['omniauth.origin']
+    def omniauth_redirect_path
+      env['omniauth.origin'] || request.session['omniauth.origin']
     end
     def omniauth_callback(provider)
       return failed_login unless env['omniauth.auth']
+      broadcast("before_#{provider}_login".to_sym, env['omniauth.auth'])
       user = User.first(email: env['omniauth.auth']['info']['email'])
-      user = register_user if user.nil? && ['ldap', 'google_oauth2'].include?(provider)
+      user = register_user if user.nil? && authorize(current_user, :register?)
       return failed_login if user.nil?
+      broadcast("#{provider}_login".to_sym, user)
       successful_login(user)
     end
     def failed_login
-      broadcast(:user_failed_login, target: self, details: "IP: #{request.ip}")
-      flash[:warning] = 'Invalid credentials. Please try again.'
+      details = params[:message] || 'None'
+      logger.warn "Invalid Login: #{details}"
+      broadcast(:user_failed_login, target: self, details: details)
+      flash[:warning] = 'Invalid credentials. Please try again'
+      headers 'X-Authentication-Failure' => params[:message] if params[:message]
       redirect "#{settings.map_path}/auth/login"
     end
     def successful_login(user)
       halt 200 if request.xhr?
       self.current_user = user
-      broadcast(:user_login, target: self, details: "IP: #{request.ip}")
+      broadcast(:user_login, target: self)
       flash[:success] = 'Logged In'
       redirect redirect_path
     end
     def register_user
       user = User.create(email: env['omniauth.auth']['info']['email'])
-      broadcast(:user_register, target: self, values: { user: user }, details: "IP: #{request.ip}")
+      broadcast(:user_register, target: self, values: { user: user })
       flash[:info] = 'Successfully Registered.'
       user
     end
     before '/login' do
       return if User.where(roles: Role.find_or_create(name: 'super_admin')).count.positive?
       flash[:info] = 'Please register the super admin user.'
       redirect "#{settings.map_path}/auth/register"
     end
@@ -55,10 +65,20 @@ module Ditty
     # TODO: Make this work for both LDAP and Identity
     get '/login' do
       authorize ::Ditty::Identity, :login
+      redirect settings.map_path if authenticated?
       haml :'auth/login', locals: { title: 'Log In' }
     end
+    # Custom login form for LDAP to allow CSRF checks. Set the `request_path` for
+    # the omniauth-ldap provider to another path so that this gest triggered
+    get '/ldap' do
+      authorize ::Ditty::Identity, :login
+      redirect settings.map_path if authenticated?
+      haml :'auth/ldap', locals: { title: 'Company Log In' }
+    end
     get '/forgot-password' do
       authorize ::Ditty::Identity, :forgot_password
@@ -92,7 +112,7 @@ module Ditty
       param :token, String, required: true
       identity = Identity[reset_token: params[:token]]
-      halt 404 unless identity && identity.reset_requested && identity.reset_requested > (Time.now - (24 * 60 * 60))
+      halt 404 unless identity&.reset_requested && identity.reset_requested > (Time.now - (24 * 60 * 60))
       haml :'auth/reset_password', locals: { title: 'Reset your password', identity: identity }
     end
@@ -107,11 +127,11 @@ module Ditty
       identity_params = permitted_attributes(Identity, :update)
       identity.set identity_params.merge(reset_token: nil, reset_requested: nil)
       if identity.valid? && identity.save
-        broadcast(:identity_update_password, target: self, details: "IP: #{request.ip}")
+        broadcast(:identity_update_password, target: self)
         flash[:success] = 'Password Updated'
         redirect "#{settings.map_path}/auth/login"
       else
-        broadcast(:identity_update_password_failed, target: self, details: "IP: #{request.ip}")
+        broadcast(:identity_update_password_failed, target: self)
         haml :'auth/reset_password', locals: { title: 'Reset your password', identity: identity }
       end
     end
@@ -135,7 +155,7 @@ module Ditty
         DB.transaction do
           user.save
           user.add_identity identity
-          broadcast(:user_register, target: self, values: { user: user }, details: "IP: #{request.ip}")
+          broadcast(:user_register, target: self, values: { user: user })
           flash[:info] = 'Successfully Registered. Please log in'
           redirect "#{settings.map_path}/auth/login"
         end
@@ -147,7 +167,7 @@ module Ditty
     # Logout Action
     delete '/' do
-      broadcast(:user_logout, target: self, details: "IP: #{request.ip}")
+      broadcast(:user_logout, target: self)
       logout
       halt 200 if request.xhr?

data/lib/ditty/controllers/component.rb CHANGED

@@ -13,6 +13,7 @@ module Ditty
     set dehumanized: nil
     set view_location: nil
     set track_actions: false
+    set heading: nil
     def read(id)
       dataset.first(settings.model_class.primary_key => id)
@@ -22,8 +23,15 @@ module Ditty
       @skip_verify = true
     end
+    def trigger(event, attribs = {})
+      attribs[:target] ||= self
+      send(event, attribs) if self.respond_to? event
+      broadcast(event, attribs)
+    end
     after do
       return if settings.environment == 'production'
       if (response.successful? || response.redirection?) && @skip_verify == false
         verify_authorized if settings.environment != 'production'
       end
@@ -31,6 +39,7 @@ module Ditty
     after '/' do
       return if settings.environment == 'production' || request.request_method != 'GET'
       verify_policy_scoped if (response.successful? || response.redirection?) && @skip_verify == false
     end
@@ -40,7 +49,8 @@ module Ditty
       result = list
-      broadcast(:component_list, target: self)
+      trigger :component_list
       list_response(result)
     end
@@ -62,7 +72,7 @@ module Ditty
       entity.db.transaction do
         entity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
-        broadcast(:component_create, target: self, entity: entity)
+        trigger :component_create, entity: entity
       end
       create_response(entity)
@@ -74,7 +84,7 @@ module Ditty
       halt 404 unless entity
       authorize entity, :read
-      broadcast(:component_read, target: self, entity: entity)
+      trigger :component_read, entity: entity
       read_response(entity)
     end
@@ -98,7 +108,7 @@ module Ditty
       entity.db.transaction do
         entity.set(permitted_attributes(settings.model_class, :update))
         entity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
-        broadcast(:component_update, target: self, entity: entity)
+        trigger :component_update, entity: entity
       end
       update_response(entity)
@@ -111,7 +121,7 @@ module Ditty
       entity.db.transaction do
         entity.destroy
-        broadcast(:component_delete, target: self, entity: entity)
+        trigger :component_delete, entity: entity
       end
       delete_response(entity)

data/lib/ditty/controllers/main.rb CHANGED

@@ -8,13 +8,9 @@ module Ditty
   class Main < Application
     set track_actions: true
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::Ditty::App.view_folder, name, engine, &block) # Basic Plugin
-    end
     before '/' do
       return if User.where(roles: Role.find_or_create(name: 'super_admin')).count.positive?
       flash[:info] = 'Please register the super admin user.'
       redirect "#{settings.map_path}/auth/register"
     end

data/lib/ditty/controllers/roles.rb CHANGED

@@ -6,11 +6,8 @@ require 'ditty/policies/role_policy'
 module Ditty
   class Roles < Ditty::Component
-    set model_class: Role
+    SEARCHABLE = %i[name].freeze
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::Ditty::App.view_folder, name, engine, &block) # Ditty
-    end
+    set model_class: Role
   end
 end

data/lib/ditty/controllers/user_login_traits.rb ADDED

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+require 'ditty/controllers/component'
+require 'ditty/models/user_login_trait'
+require 'ditty/policies/user_login_trait_policy'
+module Ditty
+  class UserLoginTraits < Ditty::Component
+    SEARCHABLE = %i[platform device browser ip_address].freeze
+    FILTERS = [
+      { name: :user, field: 'user.email' }
+    ].freeze
+    set base_path: 'login-traits'
+    set model_class: UserLoginTrait
+    # set track_actions: true
+  end
+end

data/lib/ditty/controllers/users.rb CHANGED

@@ -2,6 +2,7 @@
 require 'ditty/controllers/component'
 require 'ditty/models/user'
+require 'ditty/models/user_login_trait'
 require 'ditty/policies/user_policy'
 require 'ditty/models/identity'
 require 'ditty/policies/identity_policy'
@@ -13,11 +14,6 @@ module Ditty
     set model_class: User
     set track_actions: true
-    def find_template(views, name, engine, &block)
-      super(views, name, engine, &block) # Root
-      super(::Ditty::App.view_folder, name, engine, &block) # Ditty
-    end
     # New
     get '/new' do
       authorize settings.model_class, :create
@@ -45,6 +41,7 @@ module Ditty
           identity.save
         rescue Sequel::ValidationFailed
           raise unless request.accept? 'text/html'
           status 400
           locals = { title: heading(:new), entity: user, identity: identity }
           return haml(:"#{view_location}/new", locals: locals)
@@ -52,10 +49,8 @@ module Ditty
         user.save
         user.add_identity identity
-        if roles
-          roles.each do |role_id|
-            user.add_role(role_id) unless user.roles.map(&:id).include? role_id.to_i
-          end
+        roles&.each do |role_id|
+          user.add_role(role_id) unless user.roles.map(&:id).include? role_id.to_i
         end
         user.check_roles
       end

data/lib/ditty/db.rb CHANGED

@@ -18,8 +18,10 @@ elsif ENV['DATABASE_URL'].blank? == false
   )
   DB.sql_log_level = (ENV['SEQUEL_LOGGING_LEVEL'] || :debug).to_sym
-  DB.loggers << Ditty::Services::Logger.instance
+  DB.loggers << Ditty::Services::Logger.instance if ENV['DB_DEBUG'].to_i == 1
   DB.extension(:pagination)
+  DB.extension(:schema_caching)
+  DB.load_schema_cache?('./config/schema.dump')
   Sequel::Model.plugin :validation_helpers
   Sequel::Model.plugin :update_or_create

data/lib/ditty/emails/base.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'haml'
 require 'ditty/components/app'
@@ -15,8 +17,11 @@ module Ditty
       def deliver!(to = nil, locals = {})
         options[:to] = to unless to.nil?
         @locals.merge!(locals)
-        %i[to from subject].each do |param|
-          mail.send(param, options[param]) if options[param]
+        %i[to from subject content_type].each do |param|
+          next unless options[param]
+          @locals[param] ||= options[param]
+          mail.send(param, options[param])
         end
         mail.body content
         mail.deliver!
@@ -24,6 +29,7 @@ module Ditty
       def method_missing(method, *args, &block)
         return super unless respond_to_missing?(method)
         mail.send(method, *args, &block)
       end
@@ -36,7 +42,8 @@ module Ditty
       def content
         result = Haml::Engine.new(content_haml).render(Object.new, locals)
         return result unless options[:layout]
-        Haml::Engine.new(layout_haml).render(Object.new, content: result)
+        Haml::Engine.new(layout_haml).render(Object.new, locals.merge(content: result))
       end
       def content_haml
@@ -52,14 +59,16 @@ module Ditty
       end
       def base_options
-        { subject: '(No Subject)', from: 'no-reply@ditty.io', view: :base }
+        { subject: '(No Subject)', from: 'no-reply@ditty.io', view: :base, content_type: 'text/html; charset=UTF-8' }
       end
       def find_template(file)
         template = File.expand_path("./views/#{file}.haml")
         return template if File.file? template
         template = File.expand_path("./#{file}.haml", App.view_folder)
         return template if File.file? template
         file
       end

data/lib/ditty/helpers/authentication.rb CHANGED

@@ -1,14 +1,13 @@
 # frozen_string_literal: true
 require 'ditty/models/user'
-require 'ditty/models/role'
-require 'ditty/models/identity'
 module Ditty
   module Helpers
     module Authentication
       def current_user
         return nil if current_user_id.nil?
         @current_user ||= User[current_user_id]
       end
@@ -19,8 +18,9 @@ module Ditty
       end
       def current_user_id
-        return env['rack.session']['user_id'] if env['rack.session']
-        env['omniauth.auth'].uid if env['omniauth.auth']
+        return env['rack.session']['user_id'] if env['rack.session'] && env['rack.session']['user_id']
+        env['omniauth.auth']&.uid
       end
       def authenticate
@@ -33,11 +33,12 @@ module Ditty
       def authenticate!
         raise NotAuthenticated unless authenticated?
         true
       end
       def logout
-        env['rack.session'].delete('user_id') unless env['rack.session'].nil?
+        env['rack.session']&.delete('user_id')
         env.delete('omniauth.auth')
       end
     end

data/lib/ditty/helpers/component.rb CHANGED

@@ -13,8 +13,10 @@ module Ditty
       # param :count, Integer, min: 1, default: 10 # Can't do this, since count can be `all`
       def check_count
         return 10 if params[:count].nil?
         count = params[:count].to_i
         return count if count >= 1
         excp = Sinatra::Param::InvalidParameterError.new 'Parameter cannot be less than 1'
         excp.param = :count
         raise excp
@@ -37,16 +39,18 @@ module Ditty
         ds = dataset
         ds = ds.dataset if ds.respond_to?(:dataset)
         return ds if params[:count] == 'all'
         params[:count] = check_count
         # Account for difference between sequel paginate and will paginate
         return ds.paginate(page: params[:page], per_page: params[:count]) if ds.is_a?(Array)
         ds.paginate(params[:page], params[:count])
       end
       def heading(action = nil)
         @headings ||= begin
-          heading = settings.model_class.to_s.demodulize.titleize
+          heading = settings.heading || settings.model_class.to_s.demodulize.singularize.titleize
           h = Hash.new(heading)
           h[:new] = "New #{heading}"
           h[:list] = pluralize heading
@@ -78,6 +82,7 @@ module Ditty
       def filters
         filter_fields.map do |filter|
           next if params[filter[:name]].blank?
           filter[:field] ||= filter[:name]
           filter[:modifier] ||= :to_s # TODO: Do this with Sinatra Param?
           filter
@@ -86,6 +91,7 @@ module Ditty
       def ordering
         return if params[:sort].blank?
         Sequel.send(params[:order].to_sym, params[:sort].to_sym)
       end
@@ -112,11 +118,13 @@ module Ditty
         assoc = filter[:field].to_s.split('.').first.to_sym
         assoc = settings.model_class.association_reflection(assoc)
         raise "Unknown association #{assoc}" if assoc.nil?
         assoc
       end
       def search_filters
         return [] if params[:q].blank?
         searchable_fields.map { |f| Sequel.ilike(f.to_sym, "%#{params[:q]}%") }
       end
     end