erp_tech_svcs 4.0.0 → 4.2.0

data/app/models/notification.rb

@@ -1,12 +1,27 @@
+# create_table :notifications do |t|
+#   t.string :type
+#   t.references :created_by
+#   t.text :message
+#   t.references :notification_type
+#   t.string :current_state
+#   t.text :custom_fields
+#
+#   t.timestamps
+# end
+#
+# add_index :notifications, :notification_type_id
+# add_index :notifications, :created_by_id
+# add_index :notifications, :type
+
 class Notification < ActiveRecord::Base
   attr_protected :created_at, :updated_at
-  
-  # serialize custom attributes
-  is_json :custom_fields
 
   belongs_to :notification_type
   belongs_to :created_by, :foreign_key => 'created_by_id', :class_name => 'Party'
-  
+
+  # serialize custom attributes
+  is_json :custom_fields
+
   include AASM
 
   aasm_column :current_state
@@ -22,28 +37,32 @@ class Notification < ActiveRecord::Base
 
   class << self
 
-    def create_notification_of_type(notification_type, dyn_attributes={}, created_by=nil)
-      notification_type = notification_type.class == NotificationType ? notification_type : NotificationType.find_by_internal_identifier(notification_type)
+    # Creates a Notification record with the notification type passed
+    #
+    # @param [NotificationType | String] the notification type to set, can be a NotificationType record or InternalIdentifier
+    # @param [Hash] custom fields to set on the notification
+    # @param [Party] the party that created the notification
+    def create_notification_of_type(notification_type, custom_fields={}, created_by=nil)
+      notification_type = notification_type.class == NotificationType ? notification_type : NotificationType.iid(notification_type)
 
-      notification = self.new(
+      notification = self.create(
           created_by: created_by,
           notification_type: notification_type
       )
 
-      dyn_attributes.each do |k,v|
-        notification.custom_fields[k] = v
-      end
+      notification.custom_fields = custom_fields
 
-      notification.save
+      notification.save!
 
       notification
     end
 
   end
 
+  # Delivers notification, called by the notifications delayed job
+  # this is a template method and should be overridden by sub class
+  #
   def deliver_notification
-    # template method
-    # should be overridden in sub class
   end
 
 end

data/app/models/notification_type.rb

@@ -1,5 +1,18 @@
+# create_table :notification_types do |t|
+#   t.string :internal_identifier
+#   t.string :description
+#
+#   t.timestamps
+# end
+#
+# add_index :notification_types, :internal_identifier
+
 class NotificationType < ActiveRecord::Base
   attr_protected :created_at, :updated_at
 
+  acts_as_erp_type
+
   has_many :notifications
+
+  validates :internal_identifier, uniqueness: {message: "Internal Identifiers should be unique"}
 end

data/app/models/security_role.rb

@@ -1,4 +1,7 @@
 class SecurityRole < ActiveRecord::Base
+
+  acts_as_nested_set
+  include ErpTechSvcs::Utils::DefaultNestedSetMethods
   acts_as_erp_type
   has_capability_accessors
   has_and_belongs_to_many :parties
@@ -10,10 +13,10 @@ class SecurityRole < ActiveRecord::Base
 
   attr_accessible :description, :internal_identifier
 
-	def to_xml(options = {})
-		default_only = []
-  	options[:only] = (options[:only] || []) + default_only
-  	super(options)
+  def to_xml(options = {})
+    default_only = []
+    options[:only] = (options[:only] || []) + default_only
+    super(options)
   end
 
   # creating method because we only want a getter, not a setter for iid
@@ -45,4 +48,14 @@ class SecurityRole < ActiveRecord::Base
     Group.joins(:party).joins("LEFT JOIN #{join_parties_security_roles}").where("parties_security_roles.security_role_id IS NULL")
   end
 
+  def to_data_hash
+    hash = to_hash(:only => [:id, :description, :internal_identifier, :created_at, :updated_at])
+
+    if parent
+      hash[:parent] = parent.to_data_hash
+    end
+
+    hash
+  end
+
 end

data/app/models/user.rb

@@ -7,7 +7,11 @@ class User < ActiveRecord::Base
   belongs_to :party
 
   attr_accessible :email, :password, :password_confirmation
+
   authenticates_with_sorcery!
+
+  attr_protected :created_at, :updated_at
+
   has_capability_accessors
 
   #password validations
@@ -22,12 +26,20 @@ class User < ActiveRecord::Base
   validates :username, :presence => {:message => 'cannot be blank'}, :uniqueness => {:case_sensitive => false}
 
   validate :email_cannot_match_username_of_other_user
+
   def email_cannot_match_username_of_other_user
-    unless User.where(:username => self.email).where('id != ?',self.id).first.nil?
+    unless User.where(:username => self.email).where('id != ?', self.id).first.nil?
       errors.add(:email, "In use by another user")
     end
   end
 
+  # auth token used for mobile app security
+  def generate_auth_token!
+    self.auth_token = SecureRandom.uuid
+    self.auth_token_expires_at = Time.now + 30.days
+    self.save
+  end
+
   # This allows the disabling of the activation email sent via the sorcery user_activation submodule
   def send_activation_needed_email!
     super unless skip_activation_email
@@ -38,7 +50,7 @@ class User < ActiveRecord::Base
     @instance_attrs.nil? ? {} : @instance_attrs
   end
 
-  def add_instance_attribute(k,v)
+  def add_instance_attribute(k, v)
     @instance_attrs = {} if @instance_attrs.nil?
     @instance_attrs[k] = v
   end
@@ -57,7 +69,7 @@ class User < ActiveRecord::Base
     result = false
     passed_roles.flatten!
     passed_roles.each do |role|
-      role_iid = role.is_a?(SecurityRole) ?  role.internal_identifier : role.to_s
+      role_iid = role.is_a?(SecurityRole) ? role.internal_identifier : role.to_s
       all_uniq_roles.each do |this_role|
         result = true if (this_role.internal_identifier == role_iid)
         break if result
@@ -71,46 +83,45 @@ class User < ActiveRecord::Base
     party.add_role(role)
   end
 
+  alias :add_security_role :add_role
+
   def add_roles(*passed_roles)
     party.add_roles(*passed_roles)
   end
 
+  alias :add_security_roles :add_roles
+
   def remove_roles(*passed_roles)
     party.remove_roles(*passed_roles)
   end
 
+  alias :remove_security_roles :remove_roles
+
   def remove_role(role)
     party.remove_role(role)
   end
 
+  alias :remove_security_role :remove_role
+
   def remove_all_roles
     party.remove_all_roles
   end
 
-  # user lives on FROM side of relationship
-  def group_relationships
-    role_type = RoleType.find_by_internal_identifier('group_member')
-    PartyRelationship.where(:party_id_from => self.party.id, :role_type_id_from => role_type.id)
-  end
-
-  def join_party_relationships
-    role_type = RoleType.find_by_internal_identifier('group_member')
-    "party_relationships ON party_id_from = #{self.party.id} AND party_id_to = parties.id AND role_type_id_from=#{role_type.id}"
-  end
+  alias :remove_all_security_roles :remove_all_roles
 
   # party records for the groups this user belongs to
   def group_parties
-    Party.joins("JOIN #{join_party_relationships}")
+    Party.joins("JOIN #{group_member_join}")
   end
 
   # groups this user belongs to
   def groups
-    Group.joins(:party).joins("JOIN #{join_party_relationships}")
+    Group.joins(:party).joins("JOIN #{group_member_join}")
   end
 
   # groups this user does NOT belong to
   def groups_not
-    Group.joins(:party).joins("LEFT JOIN #{join_party_relationships}").where("party_relationships.id IS NULL")
+    Group.joins(:party).joins("LEFT JOIN #{group_member_join}").where("party_relationships.id IS NULL")
   end
 
   # roles assigned to the groups this user belongs to
@@ -120,10 +131,50 @@ class User < ActiveRecord::Base
       where("parties.business_party_id IN (#{groups.select('groups.id').to_sql})")
   end
 
+  # Add a group to this user
+  #
+  # @param group [Group] Group to add
+  def add_group(group)
+    group.add_user(self)
+  end
+
+  # Add multiple groups to this user
+  #
+  # @param _groups [Array] Groups to add
+  def add_groups(_groups)
+    _groups.each do |group|
+      add_group(group)
+    end
+  end
+
+  # Remove a group from this user
+  #
+  # @param group [Group] Group to remove
+  def remove_group(group)
+    group.remove_user(self)
+  end
+
+  # Remove multiple groups from this user
+  #
+  # @param _groups [Array] Groups to remove
+  def remove_groups(_groups)
+    _groups.each do |group|
+      remove_group(group)
+    end
+  end
+
+  # Remove all current groups from this user
+  #
+  def remove_all_groups
+    groups.each do |group|
+      remove_group(group)
+    end
+  end
+
   # composite roles for this user
   def all_roles
     SecurityRole.joins(:parties).joins("LEFT JOIN users ON parties.id=users.party_id").
-      where("(parties.business_party_type='Group' AND 
+    where("(parties.business_party_type='Group' AND
               parties.business_party_id IN (#{groups.select('groups.id').to_sql})) OR 
              (users.id=#{self.id})")
   end
@@ -133,20 +184,20 @@ class User < ActiveRecord::Base
   end
 
   def group_capabilities
-    Capability.joins(:capability_type).joins(:capability_accessors).
-          where(:capability_accessors => { :capability_accessor_record_type => "Group" }).
-          where("capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})")
+    Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors).
+      where(:capability_accessors => {:capability_accessor_record_type => "Group"}).
+      where("capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})")
   end
 
   def role_capabilities
-    Capability.joins(:capability_type).joins(:capability_accessors).
-          where(:capability_accessors => { :capability_accessor_record_type => "SecurityRole" }).
-          where("capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})")
+    Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors).
+      where(:capability_accessors => {:capability_accessor_record_type => "SecurityRole"}).
+      where("capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})")
   end
 
   def all_capabilities
-    Capability.joins(:capability_type).joins(:capability_accessors).
-          where("(capability_accessors.capability_accessor_record_type = 'Group' AND
+    Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors).
+    where("(capability_accessors.capability_accessor_record_type = 'Group' AND
                   capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})) OR
                  (capability_accessors.capability_accessor_record_type = 'SecurityRole' AND
                   capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})) OR
@@ -178,11 +229,47 @@ class User < ActiveRecord::Base
   end
 
   def class_capabilities_to_hash
-    all_uniq_class_capabilities.map {|capability| 
-      { :capability_type_iid => capability.capability_type.internal_identifier, 
-        :capability_resource_type => capability.capability_resource_type 
-      }
+    all_uniq_class_capabilities.map { |capability|
+      { capability_type_iid: capability.capability_type.internal_identifier,
+        capability_type_description: capability.capability_type.description,
+        capability_resource_type: capability.capability_resource_type
+        }
     }.compact
   end
 
+  def to_data_hash
+    data = to_hash(only: [
+                     :auth_token,
+                     :id,
+                     :username,
+                     :email,
+                     :activation_state,
+                     :last_login_at,
+                     :last_logout_at,
+                     :last_activity_at,
+                     :failed_logins_count,
+                     :created_at,
+                     :updated_at
+                   ],
+                   display_name: party.description,
+                   is_admin: party.has_security_role?('admin'),
+                   party: party.to_data_hash
+                   )
+
+    # add first name and last name if this party is an Individual
+    if self.party.business_party.is_a?(Individual)
+      data[:first_name] = self.party.business_party.current_first_name
+      data[:last_name] = self.party.business_party.current_last_name
+    end
+
+    data
+  end
+
+  protected
+
+  def group_member_join
+    role_type = RoleType.find_by_internal_identifier('group_member')
+    "party_relationships ON party_id_from = #{self.party.id} AND party_id_to = parties.id AND role_type_id_from=#{role_type.id}"
+  end
+
 end

data/app/validators/password_strength_validator.rb

@@ -1,7 +1,7 @@
 class PasswordStrengthValidator < ActiveModel::EachValidator
   # implement the method where the validation logic must reside
   def validate_each(record, attribute, value)
-    password_validation_hash = record.password_validator || {:error_message => 'must be at least 8 characters long and start and end with a letter', :regex => '^[A-Za-z]\w{6,}[A-Za-z]$'}
+    password_validation_hash = record.password_validator || {:error_message => 'must be between 8 and 20 characters with no spaces', :regex => '^\S{8,20}$'}
     record.errors[attribute] << password_validation_hash[:error_message] unless Regexp.new(password_validation_hash[:regex]) =~ value
   end
 end

data/app/views/user_mailer/activation_needed_email.html.erb

@@ -1,24 +1,302 @@
-<!DOCTYPE html>
-<html>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-  <meta content="text/html; charset=UTF-8" http-equiv="Content-Type"/>
+  <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+  <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1"/>
+  <title>Welcome</title>
+  <style type="text/css">
+    .ReadMsgBody {
+      width: 100%;
+      background-color: #ffffff;
+    }
+
+    .ExternalClass {
+      width: 100%;
+      background-color: #ffffff;
+    }
+
+    html {
+      width: 100%;
+    }
+
+    body {
+      -webkit-text-size-adjust: none;
+      -ms-text-size-adjust: none;
+      margin: 0;
+      padding: 0;
+    }
+
+    table {
+      border-spacing: 0;
+      border-collapse: collapse;
+    }
+
+    img {
+      display: block !important;
+    }
+
+    table td {
+      border-collapse: collapse;
+    }
+
+    .top-margin {
+      height: 50px;
+    }
+
+    .main-header {
+      padding: 50px 100px;
+      background: rgba(0, 0, 0, 0.5);
+      font-weight: 300;
+    }
+
+    .footer {
+      margin-top: 20px;
+    }
+
+    /* ----------- media queries (responsive) ----------- */
+
+    @media only screen and (max-width: 640px) {
+      body .show {
+        display: block !important;
+      }
+
+      body .hide {
+        display: none !important;
+      }
+
+      body .container590 {
+        width: 440px !important;
+      }
+    }
+
+    @media only screen and (max-width: 480px) {
+      body .show {
+        display: block !important;
+      }
+
+      body .hide {
+        display: none !important;
+      }
+
+      body .container590 {
+        width: 280px !important;
+      }
+    }
+
+  </style>
 </head>
+
 <body>
-<h1>Welcome <%= @user.username %></h1>
-<% if @temp_password %>
-    <p>An account has been created for you, to activate your account follow this link: <a href="<%= @url %>"><%= @url %></a></p>
 
-    <p>Your username is <%= @user.username %>, your temporary password is <%= @temp_password %>.</p>
+<div class="top-margin"></div>
+
+<table border="0" width="100%" cellpadding="0" cellspacing="0">
+  <tr>
+    <td align="center" bgcolor="323232"
+        style="background-image: url('https://truenorthtechnology.com/download/life3.jpg?path=&disposition=inline'); background-size: cover; background-position: top center; background-repeat: repeat;">
+
+      <table border="0" align="center" cellpadding="0" cellspacing="0" class="container590">
+
+        <tr>
+          <td height="25" style="font-size: 25px; line-height: 25px;">&nbsp;</td>
+        </tr>
+
+
+        <tr>
+          <td height="30" style="font-size: 30px; line-height: 30px;">&nbsp;</td>
+        </tr>
+        <tr>
+          <td height="50" style="font-size: 50px; line-height: 50px;">&nbsp;</td>
+        </tr>
+
+        <tr>
+          <td class="main-header" align="center" height="42"
+              style="color: #ffffff; font-size: 32px; font-family: 'Open Sans', Calibri, sans-serif; mso-line-height-rule: exactly; line-height: 40px;">
+
+            <!-- ============ title header ============ -->
+
+            <div style="line-height: 34px;">
+                <span>
+                    <multiline>
+                      <strong>Welcome <%= @user.username %></strong> <br><br>
+                      An account has been created for you!
+                    </multiline>
+                </span>
+            </div>
+          </td>
+        </tr>
+
+        <tr>
+          <td height="10" style="font-size: 10px; line-height: 10px;">&nbsp;</td>
+        </tr>
+
+
+        <tr>
+          <td height="50" style="font-size: 50px; line-height: 50px;">&nbsp;</td>
+        </tr>
+
+        <tr>
+          <td align="center">
+
+            <table class="cta-button" border="0" align="center" width="163" cellpadding="0" cellspacing="0"
+                   style="border: none">
+              <tr>
+                <td height="10" style="font-size: 10px; line-height: 10px;">&nbsp;</td>
+              </tr>
+
+              <tr>
+                <td>
+                  <table border="0" align="center" cellpadding="0" cellspacing="0">
+                    <tr>
+                      <td align="center"
+                          style="color: #ffffff; font-size: 13px; font-family: 'Open Sans', Calibri, sans-serif; font-weight: 600; line-height: 24px;">
+                        <!-- ============ headline button ============ -->
+                      </td>
+
+                      <td width="14" align="right" valign="middle">
+
+                      </td>
+                    </tr>
+                  </table>
+                </td>
+              </tr>
+
+              <tr>
+                <td height="10" style="font-size: 10px; line-height: 10px;">&nbsp;</td>
+              </tr>
+
+            </table>
+          </td>
+        </tr>
+
+        <tr>
+          <td height="115" style="font-size: 115px; line-height: 115px;">&nbsp;</td>
+        </tr>
+
+      </table>
+    </td>
+  </tr>
+
+</table>
+
+
+<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#ffffff">
+  <tr>
+    <td height="50">&nbsp;</td>
+  </tr>
+
+  <tr>
+    <td>
+      <table class="container590" border="0" align="center" width="590" cellpadding="0" cellspacing="0">
+        <tr>
+          <td>
+            <p class="instructions" style="text-align: center; color: #555; font-size: 24px; font-family: 'Open Sans', Calibri, sans-serif; mso-line-height-rule: exactly; line-height: 42px;">To
+              Activate your new account, please follow this link:</p>
+
+            <p style="text-align: center">
+
+            <table border="0" align="center" width="124" cellpadding="0" cellspacing="0"
+                   bgcolor="5ab600" style="border-radius: 3px;">
+              <tr>
+                <td height="6" style="font-size: 6px; line-height: 6px;">&nbsp;</td>
+              </tr>
+
+              <tr>
+                <td>
+                  <table border="0" align="center" cellpadding="0" cellspacing="0">
+                    <tr>
+                      <td align="center"
+                          style="color: #ffffff; font-size: 13px; font-family: Open Sans, Calibri, sans-serif; font-weight: 700;">
+
+                        <div style="line-height: 24px;">
+                        <span>
+                        <a href="<%= @url %>"
+                           style="color: #ffffff; text-decoration: none;">
+                          <singleline>Confirm</singleline>
+                        </a>
+                        </span>
+                        </div>
+                      </td>
+                    </tr>
+                  </table>
+                </td>
+              </tr>
+
+              <tr>
+                <td height="6" style="font-size: 6px; line-height: 6px;">&nbsp;</td>
+              </tr>
+
+            </table>
+
+            <p style="text-align: center; color: #555; font-size: 12px; font-family: 'Open Sans', Calibri, sans-serif; mso-line-height-rule: exactly; line-height: 42px;"><%= @url %></p>
+
+
+            <p style="text-align: center; color: #555; font-size: 12px; font-family: 'Open Sans', Calibri, sans-serif; mso-line-height-rule: exactly; line-height: 42px;">Your
+              username is: <strong><%= @user.username %></strong>
+              <% if @temp_password %>
+                Your password is: <strong><%= @temp_password %>
+              <% else %>
+                , your password is what was used during registration.
+              <% end %>
+              </strong></p>
+
+          </td>
+        </tr>
+      </table>
+
+    </td>
+  </tr>
+
+  <tr>
+    <td height="100" style="font-size: 100px; line-height: 100px;">&nbsp;</td>
+  </tr>
+
+</table>
+
+
+<table class="footer" border="0" width="100%" cellpadding="0" cellspacing="0" bgcolor="2d2d2d">
+
+  <tr>
+    <td height="20" style="font-size: 20px; line-height: 20px;">&nbsp;</td>
+  </tr>
+
+  <tr>
+    <td align="center">
+
+      <table border="0" align="center" width="590" class="container590" cellpadding="0" cellspacing="0">
+
+        <tr>
+          <td align="center">
+
+            <table border="0" class="container590" align="center" cellpadding="0" cellspacing="0">
+              <tr>
+                <td align="center"
+                    style="color: #717171; font-size: 14px; font-family: 'Open Sans', Calibri, sans-serif; line-height: 25px;">
+                  <div style=" line-height: 25px;">
+                              <span>
+                              <multiline>
+                                © <%= Time.now.year %> Copyright. All Rights Reserved.
+                              </multiline>
+                              </span>
+                  </div>
+                </td>
+              </tr>
+
+            </table>
+
+          </td>
+        </tr>
+
+      </table>
+    </td>
+  </tr>
 
-    <p>Please login and update your password.</p>
-<% else %>
-    <p>
-      You have successfully registered, to activate your account follow this link: <a href="<%= @url %>"><%= @url %></a>
-    </p>
+  <tr>
+    <td height="20" style="font-size: 20px; line-height: 20px;">&nbsp;</td>
+  </tr>
 
-    <p>Your username is <%= @user.username %>, use the password you set during registration to login.</p>
+</table>
 
-    <p>Thanks for joining and have a great day!!</p>
-<% end %>
 </body>
 </html>