erp_tech_svcs 3.1.8 → 4.0.0

checksums.yaml

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    YzA2YjkzOTY3NTA1ZjU4NjdmZDc5Mjk1YmVkMTJkNTZiYTkzNzQzNQ==
-  data.tar.gz: !binary |-
-    NTE3NWRlNjZlZTg2ODRiMDlmMzExOTZmZWZiYTAwN2Y2YjQ5ZTRhZg==
-!binary "U0hBNTEy":
-  metadata.gz: !binary |-
-    YTE0MDZhZjFhNjM0YjcwOTFjZGVjMmI5YzE3N2YxNzk4MmZmNzZiNDFmZTEw
-    MzZiMjE3Y2I0OTBhYzU1MzNlYTU1MmJlZmQ4M2YxNTQ2MDEzYmI2MTczZGJj
-    NGI5Zjk2OTYwZjczNjdmMGMwZGE3M2JjZTFmZjZhNTMxYjE1ZTU=
-  data.tar.gz: !binary |-
-    Y2I3MjlkZTMwYTJjYTAwYTg1NDZkMDIxZDkyZmJhMmUyNzY0NTA1NTJmODJl
-    NTE3YzljNWY1YmM2MWUyMzc4ODNlNWM4YzI0ZjZlZjJkZjAzYThiM2UzODI2
-    NTNhYjE4NTdkMWVlOGI2ODlmMmZlNmM2NWM2NDgwMGU4MGQzYWM=
+SHA1:
+  metadata.gz: 7bc1ac2673d51f0305cefdda4751e83b2e5c9c8b
+  data.tar.gz: 8cd8163998ed18e9830e422bb8b711cb7444aba5
+SHA512:
+  metadata.gz: b05a87fbda29e7a21d9ce740a2bad21ced5ff359cdc99685bdb4538516beae0eabc30733621d9e1c5919109ad1fa84559a4b2f00ea97bca455d1148ff01d6218
+  data.tar.gz: 0a6bb2c5cbb497360561bb79b16c36cc71e52251721ce3adf604ad8fe9e4409c222f969a33e166abd5692ee9e26aa237a0a07776657adb0c86e870bc24da4de3

data/README.md

@@ -13,24 +13,30 @@ This engine is implemented with the premise that services like logging, tracing
 - email\_notifications\_from
   - From address for email notifications.
   - Default : 'notifications@noreply.com'
+- email_regex
+  - Email validation regex
+  - Default : ^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}$
 - max\_file\_size\_in\_mb
   - Max allowed file upload size in mega bytes.
   - Default : 5
+- file_upload_types
+  - Allowed file upload types
+  - Default : 'txt,pdf,zip,tgz,gz,rar,jpg,jpeg,gif,png,tif,tiff,bmp,csv,xls,xlsx,doc,docx,ppt,pptx,psd,ai,css,js,mp3,mp4,m4a,m4v,mov,wav,wmv'
 - file\_assets\_location
   - Where you want file_assets to be saved to.
   - Default : file_assets
 - file\_storage
   - File storage to use either s3 or filesystem.
   - Default : :filesystem
+- file\_protocol
+  - Protocol for file urls
+  - Default : http
 - s3\_url\_expires\_in_seconds
   - Set expiration in seconds on an S3 url to a secure file
   - Default : 60
 - s3\_protocol
   - Protocol for S3 URLs
   - Default : https
-- s3\_cache\_expires\_in\_minutes
-  - S3 assets are cached for performance. Set expiration lifetime here in minutes.
-  - Default : 60
 - session\_expires\_in_hours
   - Used by DeleteExpiredSessionsJob to purge inaactive sessions from database.
   - Default : 12
@@ -46,13 +52,13 @@ To override these settings simple create a erp_tech_svcs.rb file in your initial
       config.login_url = '/erp_app/login'
       config.email_notifications_from = 'notifications@noreply.com'
       config.max_file_size_in_mb = 5
-      config.file_assets_location = 'file_assets' # relative to Rails.root/
-      config.s3_url_expires_in_seconds = 60 
-      config.s3_protocol = 'https' # Can be either 'http' or 'https'
-      config.file_storage = :filesystem # Can be either :s3 or :filesystem
-      config.s3_cache_expires_in_minutes = 60 
-      config.session_expires_in_hours = 12 # this is used by DeleteExpiredSessionsJob to purge inaactive sessions from database 
+      config.session_expires_in_hours = 12 # this is used by DeleteExpiredSessionsJob to purge inaactive sessions from database
       config.compass_logger_path = "#{Rails.root}/log"
+      config.file_assets_location = 'file_assets' # relative to Rails.root
+      config.file_protocol = 'http'
+      config.file_storage = :filesystem # Can be either :s3 or :filesystem
+      config.s3_url_expires_in_seconds = 60
+      config.s3_protocol = 'https' # Can be either 'http' or 'https'
     end
     Rails.application.config.erp_tech_svcs.configure!
 

data/app/controllers/erp_tech_svcs/session_controller.rb

@@ -1,17 +1,15 @@
 module ErpTechSvcs
   class SessionController < ActionController::Base
     def create
-      last_login_at = nil
-      potential_user = User.where('username = ? or email = ?', params[:login], params[:login]).first
-      last_login_at = potential_user.last_login_at unless potential_user.nil?
-      if login(params[:login],params[:password])
+      login = params[:login].strip
+      if login(login, params[:password])
         #log when someone logs in
         ErpTechSvcs::ErpTechSvcsAuditLog.successful_login(current_user)
 
         #set logout
         session[:logout_to] = params[:logout_to]
 
-        login_to = session[:return_to_url].blank? ? (last_login_at.nil? ? params[:first_login_to] : params[:login_to]) : session[:return_to_url]
+        login_to = session[:return_to_url].blank? ? params[:login_to] : session[:return_to_url]
         request.xhr? ? (render :json => {:success => true, :login_to => login_to}) : (redirect_to login_to)
       else
         message = "Login failed. Try again"
@@ -23,7 +21,7 @@ module ErpTechSvcs
     def destroy
       message = "You have logged out."
       logged_out_user_id = current_user.id unless current_user === false
-      logout_to          = session[:logout_to]
+      logout_to = session[:logout_to]
 
       logout
 
@@ -41,5 +39,20 @@ module ErpTechSvcs
     def keep_alive
       render :json => {:success => true, :last_activity_at => current_user.last_activity_at}
     end
-  end#SessionsController
-end#ErpTechSvcs
+
+    def is_alive
+      if current_user
+        time_since_last_activity = (Time.now - current_user.last_activity_at)
+
+        if time_since_last_activity > (ErpApp::Config.session_redirect_after * 60)
+          render :json => {alive: false}
+        else
+          render :json => {alive: true}
+        end
+      else
+        render :json => {alive: false}
+      end
+    end
+
+  end #SessionsController
+end #ErpTechSvcs

data/app/controllers/erp_tech_svcs/user_controller.rb

@@ -31,11 +31,16 @@ module ErpTechSvcs
     def reset_password
       begin
         login_url = params[:login_url].blank? ? ErpTechSvcs::Config.login_url : params[:login_url]
-        if user = (User.find_by_email(params[:login]))
-          new_password = Sorcery::Model::TemporaryToken.generate_random_token
+        login = params[:login].strip
+        if user = (User.where('username = ? or email = ?', login, login)).first
+
+          # generate new password with only letters
+          charset = %w{ A C D E F G H J K M N P Q R T V W X Y Z }
+          new_password = (0...8).map{ charset.to_a[rand(charset.size)] }.join
+
           user.password_confirmation = new_password
           if user.change_password!(new_password)
-            user.add_instance_attribute(:login_url,login_url)
+            user.add_instance_attribute(:login_url, login_url)
             user.add_instance_attribute(:domain, params[:domain])
             user.deliver_reset_password_instructions!
             message = "Password has been reset.  An email has been sent with further instructions to #{user.email}."
@@ -48,14 +53,14 @@ module ErpTechSvcs
           message = "Invalid user name or email address."
           success = false
         end
-        render :json => {:success => success,:message => message}
-      rescue Exception=>ex
-        logger.error ex.message
-        logger.error ex.backtrace
-        render :json => {:success => false,:message => 'Error sending email.'}
+        render :json => {:success => success, :message => message}
+      rescue => ex
+        Rails.logger.error ex.message
+        Rails.logger.error ex.backtrace.join("\n")
+        render :json => {:success => false, :message => 'Error sending email.'}
       end
     end
 
 
-  end#UserController
-end#ErpTechSvcs
+  end #UserController
+end #ErpTechSvcs

data/app/mailers/user_mailer.rb

@@ -5,6 +5,9 @@ class UserMailer < ActionMailer::Base
     @user = user
     @url  = "#{get_domain(user.instance_attributes[:domain])}/users/activate/#{user.activation_token}"
     @url << "?login_url=#{@user.instance_attributes[:login_url]}" unless @user.instance_attributes[:login_url].nil?
+
+    @temp_password = @user.instance_attributes[:temp_password] unless @user.instance_attributes[:temp_password].nil?
+
     mail(:to => user.email, :subject => "An account has been created and needs activation")
   end
 

data/app/models/audit_log.rb

@@ -1,8 +1,6 @@
 class AuditLog < ActiveRecord::Base
   attr_protected :created_at, :updated_at
 
-  attr_protected :created_at, :updated_at
-
   validates :party_id, :presence => {:message => 'cannot be blank'}
   validates :description, :presence => {:message => 'cannot be blank'}
   validates :audit_log_type, :presence => {:message => 'cannot be blank'}

data/app/models/extensions/note.rb

@@ -1,6 +1,5 @@
 Note.class_eval do
   def created_by_username
-    party = Party.find(created_by.id)
-    party.user.username
+    created_by.user.username rescue ''
   end
 end

data/app/models/extensions/party.rb

@@ -1,4 +1,9 @@
 Party.class_eval do
   has_security_roles
-  has_one :user, :dependent => :destroy
+  has_many :users, :dependent => :destroy
+
+  # Helper method as most parties will have only one user
+  def user
+    users.first
+  end
 end

data/app/models/file_asset.rb

@@ -1,29 +1,31 @@
 require 'fileutils'
 
-Paperclip.interpolates(:file_path){|data, style|
+Paperclip.interpolates(:file_path) { |data, style|
   case ErpTechSvcs::Config.file_storage
-  when :filesystem
-    file_support = ErpTechSvcs::FileSupport::Base.new
-    File.join(file_support.root,data.instance.directory,data.instance.name)
-  when :s3
-    File.join(data.instance.directory,data.instance.name)
+    when :filesystem
+      file_support = ErpTechSvcs::FileSupport::Base.new
+      File.join(file_support.root, data.instance.directory, data.instance.name)
+    when :s3
+      File.join(data.instance.directory, data.instance.name)
   end
 }
 
-Paperclip.interpolates(:file_url){|data, style|
+Paperclip.interpolates(:file_url) { |data, style|
   url = File.join(data.instance.directory, data.instance.name)
   case ErpTechSvcs::Config.file_storage
-  when :filesystem
-    #if public is at the front of this path and we are using file_system remove it
-    dir_pieces = url.split('/')
-    unless dir_pieces[1] == 'public'
-      "/download/#{data.instance.name}?path=#{dir_pieces.delete_if{|name| name == data.instance.name}.join('/')}"
-    else
-      dir_pieces.delete_at(1) if dir_pieces[1] == 'public'
-      dir_pieces.join('/')
-    end
-  when :s3
-    url
+    when :filesystem
+      #if public is at the front of this path and we are using file_system remove it
+      dir_pieces = url.split('/')
+      path = unless dir_pieces[1] == 'public'
+               "/download/#{data.instance.name}?path=#{dir_pieces.delete_if { |name| name == data.instance.name }.join('/')}"
+             else
+               dir_pieces.delete_at(1) if dir_pieces[1] == 'public'
+               dir_pieces.join('/')
+             end
+
+      "#{ErpTechSvcs::Config.file_protocol}://#{File.join(ErpTechSvcs::Config.installation_domain, path)}"
+    when :s3
+      url
   end
 }
 
@@ -40,25 +42,30 @@ class FileAsset < ActiveRecord::Base
     class_inheritable_writer :valid_extensions
   end
 
+  # setup scoping
+  add_scoped_by :scoped_by
+
   after_create :set_sti
+  # must fire after paperclip's after_save :save_attached_files
+  after_save :set_data_file_name, :save_dimensions
+  before_validation(on: :create) do
+    self.check_name_uniqueness
+  end
 
   belongs_to :file_asset_holder, :polymorphic => true
   instantiates_with_sti
 
   protected_with_capabilities
-  
+
   #paperclip
   has_attached_file :data,
-    :storage => ErpTechSvcs::Config.file_storage,
-    :s3_protocol => ErpTechSvcs::Config.s3_protocol,
-    :s3_permissions => :public_read,
-    :s3_credentials => "#{Rails.root}/config/s3.yml",
-    :path => ":file_path",
-    :url => ":file_url",
-    :validations => { :extension => lambda { |data, file| validate_extension(data, file) } }
-
-  # must fire after paperclip's after_save :save_attached_files
-  after_save   :set_data_file_name, :save_dimensions
+                    :storage => ErpTechSvcs::Config.file_storage,
+                    :s3_protocol => ErpTechSvcs::Config.s3_protocol,
+                    :s3_permissions => :public_read,
+                    :s3_credentials => "#{Rails.root}/config/s3.yml",
+                    :path => ":file_path",
+                    :url => (ErpTechSvcs::Config.file_storage == :filesystem ? ":file_url" : (ErpTechSvcs::Config.s3_url || ":file_url")),
+                    :validations => {:extension => lambda { |data, file| validate_extension(data, file) }}
 
   before_post_process :set_content_type
 
@@ -79,18 +86,18 @@ class FileAsset < ActiveRecord::Base
 
     def type_for(name)
       classes = all_subclasses.uniq
-      classes.detect{ |k| k.acceptable?(name) }.try(:name)
+      classes.detect { |k| k.acceptable?(name) }.try(:name)
     end
 
     def type_by_extension(extension)
-      klass = all_subclasses.detect{ |k| k.valid_extensions.include?(extension) }
+      klass = all_subclasses.detect { |k| k.valid_extensions.include?(extension) }
       klass = TextFile if klass.nil?
       klass
     end
 
     def validate_extension(data, file)
       if file.name && !file.class.valid_extensions.include?(File.extname(file.name))
-        types = all_valid_extensions.map{ |type| type.gsub(/^\./, '') }.join(', ')
+        types = all_valid_extensions.map { |type| type.gsub(/^\./, '') }.join(', ')
         "#{file.name} is not a valid file type. Valid file types are #{types}."
       end
     end
@@ -118,7 +125,7 @@ class FileAsset < ActiveRecord::Base
     base_path ||= data.original_filename if data.respond_to?(:original_filename)
 
     directory, name = FileAsset.split_path(base_path) if base_path and name.blank?
-    directory.gsub!(Rails.root.to_s,'')
+    directory.gsub!(Rails.root.to_s, '')
 
     @type ||= FileAsset.type_for(name) if name
     @type = "TextFile" if @type.nil?
@@ -129,10 +136,37 @@ class FileAsset < ActiveRecord::Base
     super attributes.merge(:directory => directory, :name => name, :data => data)
   end
 
+  def check_name_uniqueness
+    # check if name is already taken
+    unless FileAsset.where('directory = ? and name = ?',  self.directory, self.name).first.nil?
+      # if it is keeping add incrementing by 1 until we have a good name
+      counter = 0
+      while true
+        counter += 1
+
+        # break after 25, we don't want in infinite loop
+        break if counter == 25
+
+        new_name = "#{basename}-#{counter}.#{extname}"
+
+        if FileAsset.where('directory = ? and name = ?', self.directory, new_name).first.nil?
+          self.name = new_name
+          break
+        end
+      end
+    end
+  end
+
   def is_secured?
     self.protected_with_capability?('download')
   end
 
+  def copy(path, name)
+    file_support = ErpTechSvcs::FileSupport::Base.new(:storage => ErpTechSvcs::Config.file_storage)
+
+    file_support.copy(self.path, path, name)
+  end
+
   # compass file download url
   def url
     "/download/#{self.name}?path=#{self.directory}"
@@ -143,7 +177,7 @@ class FileAsset < ActiveRecord::Base
     file_support = ErpTechSvcs::FileSupport::Base.new(:storage => ErpTechSvcs::Config.file_storage)
 
     if ErpTechSvcs::Config.file_storage == :s3
-      file_path = File.join(self.directory,self.name).sub(%r{^/},'')
+      file_path = File.join(self.directory, self.name).sub(%r{^/}, '')
       options = {}
       options[:expires] = ErpTechSvcs::Config.s3_url_expires_in_seconds if self.is_secured?
       return file_support.bucket.objects[file_path].url_for(:read, options).to_s
@@ -152,7 +186,7 @@ class FileAsset < ActiveRecord::Base
     end
   end
 
-  def save_dimensions 
+  def save_dimensions
     if type == 'Image'
       begin
         f = Paperclip::Geometry.from_file(self.path)
@@ -160,7 +194,7 @@ class FileAsset < ActiveRecord::Base
         h = f.height.to_i
         update_attribute(:width, w) if width != w
         update_attribute(:height, h) if height != h
-      rescue Exception=>ex
+      rescue => ex
         Rails.logger.error('Could not save width and height of image. Make sure Image Magick and the identify command are accessible')
       end
     end
@@ -168,11 +202,19 @@ class FileAsset < ActiveRecord::Base
   end
 
   def basename
-    data_file_name.gsub(/\.#{extname}$/, "")
+    name.gsub(/\.#{extname}$/, "")
+  end
+
+  def trim_name(size)
+    if self.name.length < size
+      self.name
+    else
+      self.name[0..size]
+    end
   end
 
   def extname
-    File.extname(self.data_file_name).gsub(/^\.+/, '')
+    File.extname(name).gsub(/^\.+/, '')
   end
 
   def set_sti

data/app/models/group.rb

@@ -133,7 +133,7 @@ class Group < ActiveRecord::Base
   def remove_party(a_party)
     begin
       get_relationship(a_party).first.destroy
-    rescue Exception => e
+    rescue => e
       Rails.logger.error e.message
       return nil
     end

data/app/models/notification.rb

@@ -0,0 +1,49 @@
+class Notification < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+  
+  # serialize custom attributes
+  is_json :custom_fields
+
+  belongs_to :notification_type
+  belongs_to :created_by, :foreign_key => 'created_by_id', :class_name => 'Party'
+  
+  include AASM
+
+  aasm_column :current_state
+
+  aasm_initial_state :pending
+
+  aasm_state :pending
+  aasm_state :notification_delivered
+
+  aasm_event :delivered_notification do
+    transitions :to => :notification_delivered, :from => [:pending]
+  end
+
+  class << self
+
+    def create_notification_of_type(notification_type, dyn_attributes={}, created_by=nil)
+      notification_type = notification_type.class == NotificationType ? notification_type : NotificationType.find_by_internal_identifier(notification_type)
+
+      notification = self.new(
+          created_by: created_by,
+          notification_type: notification_type
+      )
+
+      dyn_attributes.each do |k,v|
+        notification.custom_fields[k] = v
+      end
+
+      notification.save
+
+      notification
+    end
+
+  end
+
+  def deliver_notification
+    # template method
+    # should be overridden in sub class
+  end
+
+end