ditty 0.4.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a6c4bdcc080384afbc372c0811697ff421ab6ed3d552ec912cd0a3c0f7ed82da
-  data.tar.gz: 1f09c726e251d380cd0b55d8c552b064dae7c6811f3a24b0e16a38e55a0c6408
+  metadata.gz: b6858577e8b718519ffc9090091e2709558d0ffd52d938469cb28758bcb45317
+  data.tar.gz: 55d43869a651d32b3dcbcedf093a5c7ef2a01fa83335d7a36c7f3475b61d695b
 SHA512:
-  metadata.gz: d0f86ea3db1913ad4c603a6ba96c535705589fd7fbd28ea3fbe3a262d956838fdc2c27e1950e6aae2f6e1bce20e3ffd0dc32e0bde74ae371869c3ac1922a5b03
-  data.tar.gz: ad5ea5fe818c8f8d20177082f11ecfeb176b4969b21cb5155410a4f8dbbc581dde05d3cb4c468898a86dd16a8aede7f487f3fd36b60e187df094280f805e1c8e
+  metadata.gz: e5606f0ac962ce44b97b08408f6d18bcff35271b87ff4fd88af1a42f85d4f890edafaca116a438b7652fe7b52eb7407074a531c7fba7c63387fe5ff71093ccb7
+  data.tar.gz: ca27dfe35f0249414bf54367880bc11c199cead75a45a2fbb809e20d42d626ba734c43b0c02a82729473b8365f4ff1ec835708a29b188d5f2d1700d112a5eaec

data/.gitignore

@@ -1,4 +1,5 @@
 /.bundle/
+vendor
 /.yardoc
 /Gemfile.lock
 /_yardoc/
@@ -12,3 +13,4 @@
 .vagrant
 *.db
 /Gemfile.dev.lock
+migrations

data/Readme.md

@@ -32,18 +32,9 @@ gem install ditty
 ## Usage
 
 1. Add the components to your rack config file. See the included [`config.ru`](https://github.com/EagerELK/ditty/blob/master/config.ru) file for an example setup
-2. Add the Ditty rake tasks to your Rakefile: `require 'ditty/rake_tasks'`
-3. Set the DB connection as the `DATABASE_URL` ENV variable: `DATABASE_URL=sqlite://development.db`
-4. Create and populate the DB and secret tokens:
-
-```bash
-bundle exec rake proxes:prep
-bundle exec rake proxes:generate_tokens
-bundle exec rake proxes:migrate
-bundle exec rake proxes:seed
-```
-
-4. Start up the web app: `bundle exec rackup`
+2. Set the DB connection as the `DATABASE_URL` ENV variable: `DATABASE_URL=sqlite://development.db`
+3. Run the Ditty migrations: `bundle exec ditty migrate`
+4. Run the Ditty server: `bundle exec ditty server`
 
 ## Components
 

data/ditty.gemspec

@@ -17,7 +17,7 @@ Gem::Specification.new do |spec|
 
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   spec.bindir        = 'exe'
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.executables   = ['ditty']
   spec.require_paths = ['lib']
 
   spec.add_development_dependency 'bundler', '~> 1.12'
@@ -33,6 +33,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'haml', '~> 5.0'
   spec.add_dependency 'logger', '~> 1.0'
   spec.add_dependency 'oga', '>= 2.14'
+  spec.add_dependency 'mail', '>= 1.7'
   spec.add_dependency 'omniauth', '~> 1.0'
   spec.add_dependency 'omniauth-identity', '~> 1.0'
   spec.add_dependency 'pundit', '~> 1.0'
@@ -43,5 +44,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'sinatra-contrib', '~> 2.0'
   spec.add_dependency 'sinatra-flash', '~> 0.3'
   spec.add_dependency 'tilt', '>= 2'
+  spec.add_dependency 'thor', '>= 0.20'
+  spec.add_dependency 'will_paginate', '>= 3.1'
   spec.add_dependency 'wisper', '~> 2.0'
 end

data/exe/ditty

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require 'ditty/cli'
+
+Ditty::CLI.start

data/lib/ditty/cli.rb

@@ -0,0 +1,44 @@
+# https://nandovieira.com/creating-generators-and-executables-with-thor
+require 'dotenv/load'
+require 'thor'
+require 'ditty'
+require 'ditty/rake_tasks'
+require 'rack'
+require 'rake'
+
+module Ditty
+  class CLI < Thor
+    include Thor::Actions
+
+    desc 'server', 'Start the Ditty server'
+    require './application' if File.exist?('application.rb')
+    def server
+      # Ensure the token files are present
+      Rake::Task['ditty:generate_tokens'].invoke
+
+      # Prep Ditty
+      Rake::Task['ditty:prep'].invoke
+
+      # Check the migrations
+      Rake::Task['ditty:migrate:check'].invoke
+
+      # Seed Ditty DB
+      puts 'Seeding the Ditty DB'
+      Rake::Task['ditty:seed'].invoke
+
+      # RackUP!
+      puts 'Starting the Ditty Server'
+      Rack::Server.start(config: 'config.ru')
+    end
+
+    desc 'migrate', 'Run the Ditty migrations'
+    def migrate
+      # Prep Ditty
+      Rake::Task['ditty:prep'].invoke
+
+      # Run the migrations
+      Rake::Task['ditty:migrate:up'].invoke
+      puts 'Ditty Migrations Executed'
+    end
+  end
+end

data/lib/ditty/controllers/application.rb

@@ -7,7 +7,6 @@ require 'sinatra/flash'
 require 'sinatra/respond_with'
 require 'ditty/helpers/views'
 require 'ditty/helpers/pundit'
-require 'ditty/helpers/wisper'
 require 'ditty/helpers/authentication'
 require 'ditty/services/logger'
 require 'active_support'
@@ -23,7 +22,7 @@ module Ditty
     set :view_location, nil
     set :model_class, nil
     # The order here is important, since Wisper has a deprecated method respond_with method
-    helpers Wisper::Publisher, Helpers::Wisper
+    helpers Wisper::Publisher
     helpers Helpers::Pundit, Helpers::Views, Helpers::Authentication
 
     register Sinatra::Flash, Sinatra::RespondWith
@@ -53,7 +52,7 @@ module Ditty
     end
 
     configure :production, :development do
-      enable :logging
+      disable :logging
       use Rack::CommonLogger, Ditty::Services::Logger.instance
     end
 
@@ -131,7 +130,7 @@ module Ditty
       ::Ditty::Services::Logger.instance.debug "Running with #{self.class}"
       if request.path =~ /.*\.json\Z/
         content_type :json
-        request.path_info = request.path_info.gsub(/.json$/,'')
+        request.path_info = request.path_info.gsub(/.json$/, '')
       end
       # Ensure the accept header is set. People forget to include it in API requests
       content_type(:json) if request.accept.count.eql?(1) && request.accept.first.to_s.eql?('*/*')

data/lib/ditty/controllers/component.rb

@@ -18,18 +18,36 @@ module Ditty
       dataset.first(settings.model_class.primary_key => id)
     end
 
+    def skip_verify!
+      @skip_verify = true
+    end
+
+    after do
+      return if settings.environment == 'production'
+      if (response.successful? || response.redirection?) && @skip_verify == false
+        verify_authorized if settings.environment != 'production'
+      end
+    end
+
+    after '/' do
+      return if settings.environment == 'production' || request.request_method != 'GET'
+      if (response.successful? || response.redirection?) && @skip_verify == false
+        verify_policy_scoped
+      end
+    end
+
     # List
     get '/' do
       authorize settings.model_class, :list
 
       result = list
 
-      log_action("#{dehumanized}_list".to_sym) if settings.track_actions
+      broadcast(:component_list, target: self)
       list_response(result)
     end
 
     # Create Form
-    get '/new' do
+    get '/new/?' do
       authorize settings.model_class, :create
 
       entity = settings.model_class.new(permitted_attributes(settings.model_class, :create))
@@ -44,24 +62,26 @@ module Ditty
       entity = settings.model_class.new(permitted_attributes(settings.model_class, :create))
       authorize entity, :create
 
-      entity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
+      entity.db.transaction do
+        entity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
+        broadcast(:component_create, target: self, entity: entity)
+      end
 
-      log_action("#{dehumanized}_create".to_sym) if settings.track_actions
       create_response(entity)
     end
 
     # Read
-    get '/:id' do |id|
+    get '/:id/?' do |id|
       entity = read(id)
       halt 404 unless entity
       authorize entity, :read
 
-      log_action("#{dehumanized}_read".to_sym) if settings.track_actions
+      broadcast(:component_read, target: self, entity: entity)
       read_response(entity)
     end
 
     # Update Form
-    get '/:id/edit' do |id|
+    get '/:id/edit/?' do |id|
       entity = read(id)
       halt 404 unless entity
       authorize entity, :update
@@ -72,26 +92,30 @@ module Ditty
     end
 
     # Update
-    put '/:id' do |id|
+    put '/:id/?' do |id|
       entity = read(id)
       halt 404 unless entity
       authorize entity, :update
 
-      entity.set(permitted_attributes(settings.model_class, :update))
-      entity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
+      entity.db.transaction do
+        entity.set(permitted_attributes(settings.model_class, :update))
+        entity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
+        broadcast(:component_update, target: self, entity: entity)
+      end
 
-      log_action("#{dehumanized}_update".to_sym) if settings.track_actions
       update_response(entity)
     end
 
-    delete '/:id' do |id|
+    delete '/:id/?' do |id|
       entity = read(id)
       halt 404 unless entity
       authorize entity, :delete
 
-      entity.destroy
+      entity.db.transaction do
+        entity.destroy
+        broadcast(:component_delete, target: self, entity: entity)
+      end
 
-      log_action("#{dehumanized}_delete".to_sym) if settings.track_actions
       delete_response(entity)
     end
   end

data/lib/ditty/controllers/main.rb

@@ -1,14 +1,30 @@
 # frozen_string_literal: true
 
 require 'ditty/controllers/application'
+require 'ditty/services/email'
+require 'securerandom'
 
 module Ditty
   class Main < Application
+    set track_actions: true
+
     def find_template(views, name, engine, &block)
       super(views, name, engine, &block) # Root
       super(::Ditty::App.view_folder, name, engine, &block) # Basic Plugin
     end
 
+    CHECK_PATHS = [settings.map_path, "#{settings.map_path}/auth/identity"].freeze
+
+    before(/.*/) do
+      return unless CHECK_PATHS.include? request.path
+      # Redirect to the registration page if there's no SA user
+      sa = Role.find_or_create(name: 'super_admin')
+      if User.where(roles: sa).count == 0
+        flash[:info] = 'Please register the super admin user.'
+        redirect "#{settings.map_path}/auth/identity/register"
+      end
+    end
+
     # Home Page
     get '/' do
       authenticate!
@@ -18,37 +34,62 @@ module Ditty
     # OmniAuth Identity Stuff
     # Log in Page
     get '/auth/identity' do
-      # Redirect to the registration page if there's no SA user
-      sa = Role.find_or_create(name: 'super_admin')
-      if User.where(roles: sa).count == 0
-        flash[:info] = 'Please register the super admin user.'
-        redirect "#{settings.map_path}/auth/identity/register"
-      end
       haml :'identity/login', locals: { title: 'Log In' }
     end
 
-    get '/auth/failure' do
-      broadcast(:identity_failed_login)
-      flash[:warning] = 'Invalid credentials. Please try again.'
-      redirect "#{settings.map_path}/auth/identity"
+    get '/auth/identity/forgot' do
+      haml :'identity/forgot', locals: { title: 'Forgot your password?' }
     end
 
-    post '/auth/identity/callback' do
-      if env['omniauth.auth']
-        # Successful Login
-        user = User.find(email: env['omniauth.auth']['info']['email'])
-        self.current_user = user
-        log_action(:identity_login, user: user)
-        flash[:success] = 'Logged In'
-        redirect env['omniauth.origin'] || "#{settings.map_path}/"
-      else
-        # Failed Login
-        broadcast(:identity_failed_login)
-        flash[:warning] = 'Invalid credentials. Please try again.'
+    post '/auth/identity/forgot' do
+      email = params['email']
+      identity = Identity[username: email]
+      if identity
+        # Update record
+        token = SecureRandom.hex(16)
+        identity.update(reset_token: token, reset_requested: Time.now)
+        # Send Email
+        reset_url = "#{request.base_url}#{settings.map_path}/auth/identity/reset?token=#{token}"
+        Ditty::Services::Email.deliver(
+          :forgot_password,
+          email,
+          locals: { identity: identity, reset_url: reset_url, request: request }
+        )
+      end
+      flash[:info] = 'An email was sent to the email provided with instructions on how to reset your password'
+      redirect '/auth/identity'
+    end
+
+    get '/auth/identity/reset' do
+      identity = Identity[reset_token: params['token']]
+      halt 404 unless identity && identity.reset_requested && identity.reset_requested > (Time.now - (24 * 60 * 60))
+
+      haml :'identity/reset', locals: { title: 'Reset your password', identity: identity }
+    end
+
+    put '/auth/identity/reset' do
+      identity = Identity[reset_token: params['token']]
+      halt 404 unless identity && identity.reset_requested && identity.reset_requested > (Time.now - (24 * 60 * 60))
+
+      identity_params = permitted_attributes(Identity, :update)
+
+      identity.set identity_params.merge(reset_token: nil, reset_requested: nil)
+      if identity.valid? && identity.save
+        broadcast(:identity_update_password, target: self, details: "IP: #{request.ip}")
+        flash[:success] = 'Password Updated'
         redirect "#{settings.map_path}/auth/identity"
+      else
+        broadcast(:identity_update_password_failed, target: self, details: "IP: #{request.ip}")
+        haml :'identity/reset', locals: { title: 'Reset your password', identity: identity }
       end
     end
 
+    get '/auth/failure' do
+      broadcast(:user_failed_login, target: self, details: "IP: #{request.ip}")
+      flash[:warning] = 'Invalid credentials. Please try again.'
+      redirect "#{settings.map_path}/auth/identity"
+    end
+
     # Register Page
     get '/auth/identity/register' do
       authorize ::Ditty::Identity, :register
@@ -62,18 +103,20 @@ module Ditty
       authorize ::Ditty::Identity, :register
 
       identity = Identity.new(params['identity'])
-      if identity.valid? && identity.save
-        user = User.find_or_create(email: identity.username)
-        user.add_identity identity
-
-        # Create the SA user if none is present
-        sa = Role.find_or_create(name: 'super_admin')
-        user.add_role sa if User.where(roles: sa).count == 0
+      begin
+        DB.transaction do
+          identity.save # Will trigger a Sequel::ValidationFailed exception if the model is incorrect
+          user = User.find(email: identity.username)
+          if user.nil?
+            user = User.create(email: identity.username)
 
-        log_action(:identity_register, user: user)
-        flash[:info] = 'Successfully Registered. Please log in'
-        redirect "#{settings.map_path}/auth/identity"
-      else
+            broadcast(:user_register, target: self, values: { user: user }, details: "IP: #{request.ip}")
+          end
+          user.add_identity identity
+          flash[:info] = 'Successfully Registered. Please log in'
+          redirect "#{settings.map_path}/auth/identity"
+        end
+      rescue Sequel::ValidationFailed
         flash.now[:warning] = 'Could not complete the registration. Please try again.'
         haml :'identity/register', locals: { identity: identity }
       end
@@ -81,13 +124,51 @@ module Ditty
 
     # Logout Action
     delete '/auth/identity' do
-      log_action(:identity_logout)
+      broadcast(:user_logout, target: self, details: "IP: #{request.ip}")
       logout
       flash[:info] = 'Logged Out'
 
       redirect "#{settings.map_path}/"
     end
 
+    post '/auth/identity/callback' do
+      if env['omniauth.auth']
+        # Successful Login
+        user = User.find(email: env['omniauth.auth']['info']['email'])
+        self.current_user = user
+        broadcast(:user_login, target: self, details: "IP: #{request.ip}")
+        flash[:success] = 'Logged In'
+        redirect env['omniauth.origin'] || "#{settings.map_path}/"
+      else
+        # Failed Login
+        broadcast(:identity_failed_login, target: self, details: "IP: #{request.ip}")
+        flash[:warning] = 'Invalid credentials. Please try again.'
+        redirect "#{settings.map_path}/auth/identity"
+      end
+    end
+
+    get '/auth/:provider/callback' do
+      if env['omniauth.auth']
+        # Successful Login
+        user = User.find(email: env['omniauth.auth']['info']['email'])
+        if user.nil?
+          DB.transaction do
+            user = User.create(email: env['omniauth.auth']['info']['email'])
+            broadcast(:user_register, target: self, values: { user: user }, details: "IP: #{request.ip}")
+          end
+        end
+        self.current_user = user
+        broadcast(:user_login, target: self, details: "IP: #{request.ip}")
+        flash[:success] = 'Logged In'
+        redirect env['omniauth.origin'] || "#{settings.map_path}/"
+      else
+        # Failed Login
+        broadcast(:user_failed_login, target: self, details: "IP: #{request.ip}")
+        flash[:warning] = 'Invalid credentials. Please try again.'
+        redirect "#{settings.map_path}/auth/identity"
+      end
+    end
+
     # Unauthenticated
     get '/unauthenticated' do
       redirect "#{settings.map_path}/auth/identity"