forest_liana 5.3.2 → 6.0.0.pre.beta.3

data/app/services/forest_liana/permissions_formatter.rb

@@ -0,0 +1,52 @@
+module ForestLiana
+  class PermissionsFormatter
+    class << PermissionsFormatter
+      # Convert old format permissions to unify PermissionsGetter code
+      def convert_to_new_format(permissions, rendering_id)
+        permissions_new_format = Hash.new
+        permissions_new_format['collections'] = Hash.new
+        permissions_new_format['renderings'] = Hash.new
+        permissions_new_format['renderings'][rendering_id] = Hash.new
+        permissions.keys.each { |collection_name|
+          permissions_new_format['collections'][collection_name] = {
+            'collection' => convert_collection_permissions_to_new_format(permissions[collection_name]['collection']),
+            'actions' => convert_actions_permissions_to_new_format(permissions[collection_name]['actions'])
+          }
+
+          permissions_new_format['renderings'][rendering_id][collection_name] = { 'scope' => permissions[collection_name]['scope'] }
+        }
+
+        permissions_new_format
+      end
+
+      def convert_collection_permissions_to_new_format(collection_permissions)
+        {
+          'browseEnabled' => collection_permissions['list'] || collection_permissions['searchToEdit'],
+          'readEnabled' => collection_permissions['show'],
+          'addEnabled' => collection_permissions['create'],
+          'editEnabled' => collection_permissions['update'],
+          'deleteEnabled' => collection_permissions['delete'],
+          'exportEnabled' => collection_permissions['export']
+        }
+      end
+
+      def convert_actions_permissions_to_new_format(actions_permissions)
+        return nil unless actions_permissions
+
+        actions_permissions_new_format = Hash.new
+
+        actions_permissions.keys.each { |action_name|
+          allowed = actions_permissions[action_name]['allowed']
+          users = actions_permissions[action_name]['users']
+
+          actions_permissions_new_format[action_name] = Hash.new
+          actions_permissions_new_format[action_name] = {
+            'triggerEnabled' => allowed && (users.nil? || users)
+          }
+        }
+
+        actions_permissions_new_format
+      end
+    end
+  end
+end

data/app/services/forest_liana/permissions_getter.rb

@@ -1,25 +1,60 @@
 module ForestLiana
   class PermissionsGetter
-    def initialize(rendering_id)
-      @route = "/liana/v2/permissions"
-      @rendering_id = rendering_id
-    end
+    class << PermissionsGetter
+      def get_permissions_api_route
+        '/liana/v3/permissions'
+      end
+
+      # Permission format example:
+      # collections => {
+      #   {model_name} => {
+      #     collection => {
+      #       browseEnabled => true,
+      #       readEnabled => true,
+      #       editEnabled => true,
+      #       addEnabled => true,
+      #       deleteEnabled => true,
+      #       exportEnabled => true,
+      #     },
+      #     actions => {
+      #       {action_name} => {
+      #         triggerEnabled => true,
+      #       },
+      #     },
+      #   },
+      # },
+      # rederings => {
+      #   {rendering_id} => {
+      #       {collection_id} => {
+      #         scope => {
+      #           dynamicScopesValues => {},
+      #           filter => {}
+      #         }
+      #       }
+      #     }
+      #   }
+      # }
+      # With `rendering_specific_only` this returns only the permissions related data specific to the provided rendering
+      # For now this only includes scopes
+      def get_permissions_for_rendering(rendering_id, rendering_specific_only: false)
+        begin
+          query_parameters = { 'renderingId' => rendering_id }
+          query_parameters['renderingSpecificOnly'] = rendering_specific_only if rendering_specific_only
 
-    def perform
-      begin
-        query_parameters = { 'renderingId' => @rendering_id }
-        response = ForestLiana::ForestApiRequester.get(@route, query: query_parameters)
+          api_route = get_permissions_api_route
+          response = ForestLiana::ForestApiRequester.get(api_route, query: query_parameters)
 
-        if response.is_a?(Net::HTTPOK)
-          JSON.parse(response.body)
-        else
-          raise "Forest API returned an #{ForestLiana::Errors::HTTPErrorHelper.format(response)}"
+          if response.is_a?(Net::HTTPOK)
+            JSON.parse(response.body)
+          else
+            raise "Forest API returned an #{ForestLiana::Errors::HTTPErrorHelper.format(response)}"
+          end
+        rescue => exception
+          FOREST_LOGGER.error 'Cannot retrieve the permissions from the Forest server.'
+          FOREST_LOGGER.error 'Which was caused by:'
+          ForestLiana::Errors::ExceptionHelper.recursively_print(exception, margin: ' ', is_error: true)
+          nil
         end
-      rescue => exception
-        FOREST_LOGGER.error 'Cannot retrieve the permissions from the Forest server.'
-        FOREST_LOGGER.error 'Which was caused by:'
-        ForestLiana::Errors::ExceptionHelper.recursively_print(exception, margin: ' ', is_error: true)
-        nil
       end
     end
   end

data/app/services/forest_liana/query_stat_getter.rb

@@ -2,11 +2,11 @@ module ForestLiana
   class QueryStatGetter
     attr_accessor :record
 
-    CHART_TYPE_VALUE = 'Value';
-    CHART_TYPE_PIE = 'Pie';
-    CHART_TYPE_LINE = 'Line';
-    CHART_TYPE_LEADERBOARD = 'Leaderboard';
-    CHART_TYPE_OBJECTIVE = 'Objective';
+    CHART_TYPE_VALUE = 'Value'
+    CHART_TYPE_PIE = 'Pie'
+    CHART_TYPE_LINE = 'Line'
+    CHART_TYPE_LEADERBOARD = 'Leaderboard'
+    CHART_TYPE_OBJECTIVE = 'Objective'
 
     def initialize(params)
       @params = params

data/app/services/forest_liana/scope_validator.rb

@@ -32,9 +32,10 @@ module ForestLiana
     def compute_condition_filters_from_scope(user_id)
       computed_condition_filters = @scope_filters.clone
       computed_condition_filters['conditions'].each do |condition|
-        if condition.include?('value') && 
-          !condition['value'].nil? && 
-          condition['value'].start_with?('$') && 
+        if condition.include?('value') &&
+          !condition['value'].nil? &&
+          condition['value'].instance_of?(String) &&
+          condition['value'].start_with?('$') &&
           @users_variable_values.include?(user_id)
           condition['value'] = @users_variable_values[user_id][condition['value']]
         end
@@ -51,9 +52,9 @@ module ForestLiana
       ensure_valid_aggregation(node)
 
       return is_scope_condition?(node) unless node['aggregator']
-  
+
       # NOTICE: Remove conditions that are not from the scope
-      filtered_conditions = node['conditions'].map { |condition| 
+      filtered_conditions = node['conditions'].map { |condition|
         search_scope_aggregation(condition)
       }.select { |condition|
         condition
@@ -61,7 +62,7 @@ module ForestLiana
 
       # NOTICE: If there is only one condition filter left and its current aggregator is
       #         an "and", this condition filter is the searched scope
-      if (filtered_conditions.length == 1 && 
+      if (filtered_conditions.length == 1 &&
         filtered_conditions.first.is_a?(Hash) &&
         filtered_conditions.first.include?(:aggregator) &&
         node['aggregator'] == 'and')
@@ -70,7 +71,7 @@ module ForestLiana
 
       # NOTICE: Otherwise, validate if the current node is the scope and return nil
       #         if it's not
-      return (filtered_conditions.length == @scope_filters['conditions'].length && 
+      return (filtered_conditions.length == @scope_filters['conditions'].length &&
         node['aggregator'] == @scope_filters['aggregator']) ?
         { aggregator: node['aggregator'], conditions: filtered_conditions } :
         nil

data/app/services/forest_liana/token.rb

@@ -0,0 +1,27 @@
+EXPIRATION_IN_SECONDS = 14.days
+
+module ForestLiana
+  class Token
+    REGEX_COOKIE_SESSION_TOKEN = /forest_session_token=([^;]*)/;
+
+    def self.expiration_in_days
+      Time.current + EXPIRATION_IN_SECONDS
+    end
+
+    def self.expiration_in_seconds
+      return Time.now.to_i + EXPIRATION_IN_SECONDS
+    end
+
+    def self.create_token(user, rendering_id)
+      return JWT.encode({
+        id: user['id'],
+        email: user['email'],
+        first_name: user['first_name'],
+        last_name: user['last_name'],
+        team: user['teams'][0],
+        rendering_id: rendering_id,
+        exp: expiration_in_seconds()
+      }, ForestLiana.auth_secret, 'HS256')
+    end
+  end
+end

data/app/services/forest_liana/utils/beta_schema_utils.rb

@@ -0,0 +1,13 @@
+module ForestLiana
+  module Utils
+    class BetaSchemaUtils
+      def self.find_action_from_endpoint(collection_name, endpoint, http_method)
+        collection = ForestLiana.apimap.find { |collection| collection.name.to_s == collection_name }
+
+        return nil unless collection
+
+        collection.actions.find { |action| action.endpoint == endpoint && action.http_method == http_method }
+      end
+    end
+  end
+end

data/config/initializers/error-messages.rb

@@ -0,0 +1,20 @@
+module ForestLiana
+  MESSAGES = {
+    CONFIGURATION: {
+      AUTH_SECRET_MISSING: "Your Forest authSecret seems to be missing. Can you check that you properly set a Forest authSecret in the Forest initializer?",
+    },
+    SERVER_TRANSACTION: {
+      SECRET_AND_RENDERINGID_INCONSISTENT: "Cannot retrieve the project you're trying to unlock. The envSecret and renderingId seems to be missing or inconsistent.",
+      SERVER_DOWN: "Cannot retrieve the data from the Forest server. Forest API seems to be down right now.",
+      SECRET_NOT_FOUND: "Cannot retrieve the data from the Forest server. Can you check that you properly copied the Forest envSecret in the Liana initializer?",
+      UNEXPECTED: "Cannot retrieve the data from the Forest server. An error occured in Forest API.",
+      INVALID_STATE_MISSING: "Invalid response from the authentication server: the state parameter is missing",
+      INVALID_STATE_FORMAT: "Invalid response from the authentication server: the state parameter is not at the right format",
+      INVALID_STATE_RENDERING_ID: "Invalid response from the authentication server: the state does not contain a renderingId",
+      MISSING_RENDERING_ID: "Authentication request must contain a renderingId",
+      INVALID_RENDERING_ID: "The parameter renderingId is not valid",
+      REGISTRATION_FAILED: "The registration to the authentication API failed, response: ",
+      OIDC_CONFIGURATION_RETRIEVAL_FAILED: "Failed to retrieve the provider's configuration.",
+    }
+  }
+end

data/config/routes.rb

@@ -4,6 +4,11 @@ ForestLiana::Engine.routes.draw do
   # Onboarding
   get '/' => 'apimaps#index'
 
+  # Authentication
+  post 'authentication' => 'authentication#start_authentication'
+  get 'authentication/callback' => 'authentication#authentication_callback'
+  post 'authentication/logout' => 'authentication#logout'
+
   # Session
   post 'sessions' => 'sessions#create_with_password'
   post 'sessions-google' => 'sessions#create_with_google'

data/lib/forest_liana.rb

@@ -16,6 +16,7 @@ module ForestLiana
 
   mattr_accessor :env_secret
   mattr_accessor :auth_secret
+  mattr_accessor :application_url
   mattr_accessor :integrations
   mattr_accessor :apimap
   mattr_accessor :allowed_users

data/lib/forest_liana/bootstrapper.rb

@@ -640,7 +640,7 @@ module ForestLiana
     end
 
     def forest_url
-      ENV['FOREST_URL'] || 'https://api.forestadmin.com';
+      ENV['FOREST_URL'] || 'https://api.forestadmin.com'
     end
 
     def database_type

data/lib/forest_liana/collection.rb

@@ -148,7 +148,7 @@ module ForestLiana::Collection
       # TODO: Remove once lianas prior to 2.0.0 are not supported anymore.
       model = ForestLiana.models.find { |collection| collection.try(:table_name) == collection_name.to_s }
       if model
-        collection_name_new = ForestLiana.name_for(model);
+        collection_name_new = ForestLiana.name_for(model)
         FOREST_LOGGER.warn "DEPRECATION WARNING: Collection names are now based on the models " \
           "names. Please rename the collection '#{collection_name.to_s}' of your Forest " \
           "customisation in '#{collection_name_new}'."
@@ -158,7 +158,7 @@ module ForestLiana::Collection
       # TODO: Remove once lianas prior to 2.0.0 are not supported anymore.
       model = ForestLiana.names_old_overriden.invert[collection_name.to_s]
       if model
-        collection_name_new = ForestLiana.name_for(model);
+        collection_name_new = ForestLiana.name_for(model)
         FOREST_LOGGER.warn "DEPRECATION WARNING: Collection names are now based on the models " \
           "names. Please rename the collection '#{collection_name.to_s}' of your Forest " \
           "customisation in '#{collection_name_new}'."

data/lib/forest_liana/engine.rb

@@ -16,8 +16,17 @@ module ForestLiana
       begin
         rack_cors_class = Rack::Cors
         rack_cors_class = 'Rack::Cors' if Rails::VERSION::MAJOR < 5
+        null_regex = Regexp.new(/\Anull\z/)
 
         config.middleware.insert_before 0, rack_cors_class do
+          allow do
+            hostnames = [null_regex, 'localhost:4200', /\A.*\.forestadmin\.com\z/]
+            hostnames += ENV['CORS_ORIGINS'].split(',') if ENV['CORS_ORIGINS']
+
+            origins hostnames
+            resource ForestLiana::AuthenticationController::PUBLIC_ROUTES[1], headers: :any, methods: :any, credentials: true, max_age: 86400 # NOTICE: 1 day
+          end
+
           allow do
             hostnames = ['localhost:4200', /\A.*\.forestadmin\.com\z/]
             hostnames += ENV['CORS_ORIGINS'].split(',') if ENV['CORS_ORIGINS']

data/lib/forest_liana/json_printer.rb

@@ -20,7 +20,7 @@ module ForestLiana
             result << ", "
           end
 
-          result << pretty_print(item, is_primary_value ? "#{indentation}  " : indentation);
+          result << pretty_print(item, is_primary_value ? "#{indentation}  " : indentation)
         end
 
         result << "\n#{indentation}" if is_primary_value && !is_small

data/lib/forest_liana/version.rb

@@ -1,3 +1,3 @@
 module ForestLiana
-  VERSION = "5.3.2"
+  VERSION = "6.0.0-beta.3"
 end

data/spec/dummy/app/assets/config/manifest.js

@@ -0,0 +1 @@
+{}

data/spec/dummy/config/application.rb

@@ -20,7 +20,7 @@ module Dummy
     # config.i18n.default_locale = :de
 
     # Do not swallow errors in after_commit/after_rollback callbacks.
-    config.active_record.raise_in_transactional_callbacks = true
+    # config.active_record.raise_in_transactional_callbacks = true
   end
 end
 

data/spec/dummy/config/initializers/forest_liana.rb

@@ -1,2 +1,3 @@
 ForestLiana.env_secret = 'env_secret_test'
 ForestLiana.auth_secret = 'auth_secret_test'
+ForestLiana.application_url = 'http://localhost:3000'

data/spec/dummy/db/migrate/20190226172951_create_user.rb

@@ -1,4 +1,4 @@
-class CreateUser < ActiveRecord::Migration
+class CreateUser < ActiveRecord::Migration[4.2]
   def change
     create_table :users do |t|
       t.string :name

data/spec/dummy/db/migrate/20190226173051_create_isle.rb

@@ -1,4 +1,4 @@
-class CreateIsle < ActiveRecord::Migration
+class CreateIsle < ActiveRecord::Migration[4.2]
   def change
     create_table :isle do |t|
       t.string :name

data/spec/dummy/db/migrate/20190226174951_create_tree.rb

@@ -1,4 +1,4 @@
-class CreateTree < ActiveRecord::Migration
+class CreateTree < ActiveRecord::Migration[4.2]
   def change
     create_table :trees do |t|
       t.string :name

data/spec/dummy/db/migrate/20190716130830_add_age_to_tree.rb

@@ -1,4 +1,4 @@
-class AddAgeToTree < ActiveRecord::Migration
+class AddAgeToTree < ActiveRecord::Migration[4.2]
   def up
     add_column :trees, :age, :integer
   end

data/spec/dummy/db/migrate/20190716135241_add_type_to_user.rb

@@ -1,4 +1,4 @@
-class AddTypeToUser < ActiveRecord::Migration
+class AddTypeToUser < ActiveRecord::Migration[4.2]
   def up
     add_column :users, :title, :integer
   end

data/spec/dummy/db/schema.rb

@@ -1,44 +1,42 @@
-# encoding: UTF-8
 # This file is auto-generated from the current state of the database. Instead
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.
 #
-# Note that this schema.rb definition is the authoritative source for your
-# database schema. If you need to create the application database on another
-# system, you should be using db:schema:load, not running all the migrations
-# from scratch. The latter is a flawed and unsustainable approach (the more migrations
-# you'll amass, the slower it'll run and the greater likelihood for issues).
+# This file is the source Rails uses to define your schema when running `rails
+# db:schema:load`. When creating a new database, `rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20190716135241) do
+ActiveRecord::Schema.define(version: 2019_07_16_135241) do
 
   create_table "isle", force: :cascade do |t|
-    t.string   "name"
-    t.binary   "map"
+    t.string "name"
+    t.binary "map"
     t.datetime "created_at"
     t.datetime "updated_at"
   end
 
   create_table "trees", force: :cascade do |t|
-    t.string   "name"
-    t.integer  "owner_id"
-    t.integer  "cutter_id"
-    t.integer  "island_id"
+    t.string "name"
+    t.integer "owner_id"
+    t.integer "cutter_id"
+    t.integer "island_id"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.integer  "age"
+    t.integer "age"
+    t.index ["cutter_id"], name: "index_trees_on_cutter_id"
+    t.index ["island_id"], name: "index_trees_on_island_id"
+    t.index ["owner_id"], name: "index_trees_on_owner_id"
   end
 
-  add_index "trees", ["cutter_id"], name: "index_trees_on_cutter_id"
-  add_index "trees", ["island_id"], name: "index_trees_on_island_id"
-  add_index "trees", ["owner_id"], name: "index_trees_on_owner_id"
-
   create_table "users", force: :cascade do |t|
-    t.string   "name"
+    t.string "name"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.integer  "title"
+    t.integer "title"
   end
 
 end