forest_liana 6.0.0.pre.beta.3 → 6.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3ea2912357a0fabb3b4c6527d848f9b728d2394c83155cd77314e54f66c1d8e2
-  data.tar.gz: 69863c89f2668cb142f54ddc5a9fcc1c473417cef56fc307765e53a686572bd3
+  metadata.gz: 36413dbeacb065c65d37e3ac8b051c2f342d03f8deec1ebf8c4caf9b894f8838
+  data.tar.gz: d58009364bb2fa0bef186b2afeaee10242e26538926c98ae807286f21623dc79
 SHA512:
-  metadata.gz: 11e36ad5a50676182d85029fe634e2874328c537bff2679e5a99661393e5d23c84fa3e30c165c376c06c0e8bc013beffc8d0b2497408276322a0811de8fbf222
-  data.tar.gz: 3bb4aec7204cced667652ac92f1aef9e4897d282a578408603c2fd98b7b37079565ea39d58ef1d26ee4f62af545c41bd2e56666df4d0335f7b53a455c705f17a
+  metadata.gz: 4f0c61d238def23ff9fb17c5974238ea13a06cde678bec2c1937d590d13fe9a603ec32448c2fb433b0696436b038c21a47041f25491ec9954ff03f90f22bc068
+  data.tar.gz: 30dfc0f2f7b564e0581bb85fe0211457bf835ce0125c70de27c12ae5483cb26c40b828fd724ec9315a1b2564f0b6f509b59d56f1f42075029ec7fd1380b36db5

data/app/controllers/forest_liana/actions_controller.rb

@@ -55,10 +55,20 @@ module ForestLiana
       # Apply result on fields (transform the object back to an array), preserve order.
       fields = action.fields.map do |field|
         updated_field = result[field[:field]]
+
         # Reset `value` when not present in `enums` (which means `enums` has changed).
-        if updated_field[:enums].is_a?(Array) && !updated_field[:enums].include?(updated_field[:value])
-          updated_field[:value] = nil
+        if updated_field[:enums].is_a?(Array)
+          # `value` can be an array if the type of fields is `[x]`
+          if updated_field[:type].is_a?(Array) && updated_field[:value].is_a?(Array) && !(updated_field[:value] - updated_field[:enums]).empty?
+            updated_field[:value] = nil
+          end
+
+          # `value` can be any other value
+          if !updated_field[:type].is_a?(Array) && !updated_field[:enums].include?(updated_field[:value])
+            updated_field[:value] = nil
+          end
         end
+
         updated_field
       end
 

data/app/controllers/forest_liana/authentication_controller.rb

@@ -46,7 +46,7 @@ module ForestLiana
           { 'renderingId' => rendering_id },
         )
 
-        redirect_to(result['authorization_url'])
+        render json: { authorizationUrl: result['authorization_url']}, status: 200
       rescue => error
         render json: { errors: [{ status: 500, detail: error.message }] },
           status: :internal_server_error, serializer: nil
@@ -61,33 +61,17 @@ module ForestLiana
           callback_url,
           params,
         )
-    
-        response.set_cookie(
-          'forest_session_token',
-          {
-            value: token,
-            httponly: true,
-            secure: true,
-            expires: ForestLiana::Token.expiration_in_days,
-            samesite: 'none',
-            path: '/'
-          },
-        )
 
         response_body = {
+          token: token,
           tokenData: JWT.decode(token, ForestLiana.auth_secret, true, { algorithm: 'HS256' })[0]
         }
 
-        # The token is sent decoded, because we don't want to share the whole, signed token
-        # that is used to authenticate people
-        # but the token itself contains interesting values, such as its expiration date
-        response_body[:token] = token if !ForestLiana.application_url.start_with?('https://')
-
         render json: response_body, status: 200
 
       rescue => error
-        render json: { errors: [{ status: 500, detail: error.message }] },
-          status: :internal_server_error, serializer: nil
+        render json: { errors: [{ status: error.try(:error_code) || 500, detail: error.message }] },
+          status: error.status || :internal_server_error, serializer: nil
       end
     end
 
@@ -104,7 +88,7 @@ module ForestLiana
                 httponly: true,
                 secure: true,
                 expires: Time.at(0),
-                samesite: 'none',
+                same_site: :None,
                 path: '/'
               },
             )

data/app/serializers/forest_liana/stripe_invoice_serializer.rb

@@ -3,20 +3,20 @@ module ForestLiana
     include JSONAPI::Serializer
 
     attribute :amount_due
+    attribute :amount_paid
+    attribute :amount_remaining
+    attribute :application_fee_amount
     attribute :attempt_count
     attribute :attempted
-    attribute :closed
     attribute :currency
-    attribute :date
-    attribute :forgiven
+    attribute :due_date
     attribute :paid
     attribute :period_end
     attribute :period_start
+    attribute :status
     attribute :subtotal
     attribute :total
-    attribute :application_fee
     attribute :tax
-    attribute :tax_percent
 
     has_one :customer
 

data/app/services/forest_liana/authentication.rb

@@ -26,9 +26,7 @@ module ForestLiana
 
       user = ForestLiana::AuthorizationGetter.authenticate(
         rendering_id,
-        true,
         { :forest_token => access_token_instance.instance_variable_get(:@access_token) },
-        nil,
       )
 
       return ForestLiana::Token.create_token(user, rendering_id)

data/app/services/forest_liana/authorization_getter.rb

@@ -1,23 +1,12 @@
 module ForestLiana
   class AuthorizationGetter
-    def self.authenticate(rendering_id, use_google_authentication, auth_data, two_factor_registration)
+    def self.authenticate(rendering_id, auth_data)
       begin
         route = "/liana/v2/renderings/#{rendering_id.to_s}/authorization"
-
-        if !use_google_authentication.nil?
-          headers = { 'forest-token' => auth_data[:forest_token] }
-        elsif !auth_data[:email].nil?
-          headers = { 'email' => auth_data[:email], 'password' => auth_data[:password] }
-        end
-
-        query_parameters = {}
-
-        unless two_factor_registration.nil?
-          query_parameters['two-factor-registration'] = true
-        end
+        headers = { 'forest-token' => auth_data[:forest_token] }
 
         response = ForestLiana::ForestApiRequester
-          .get(route, query: query_parameters, headers: headers)
+          .get(route, query: {}, headers: headers)
 
         if response.code.to_i == 200
           body = JSON.parse(response.body, :symbolize_names => false)
@@ -25,15 +14,28 @@ module ForestLiana
           user['id'] = body['data']['id']
           user
         else
-          unless use_google_authentication.nil?
-            raise "Cannot authorize the user using this google account. Forest API returned an #{Errors::HTTPErrorHelper.format(response)}"
-          else
-            raise "Cannot authorize the user using this email/password. Forest API returned an #{Errors::HTTPErrorHelper.format(response)}"
-          end
+          raise generate_authentication_error response
         end
-      rescue
-        raise ForestLiana::Errors::HTTP401Error
       end
     end
+
+    private
+    def self.generate_authentication_error(error)
+      case error[:message]
+      when ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_AND_RENDERINGID_INCONSISTENT]
+        return ForestLiana::Errors::InconsistentSecretAndRenderingError.new()
+      when ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_NOT_FOUND]
+        return ForestLiana::Errors::SecretNotFoundError.new()
+      else
+      end
+
+      serverError = error[:jse_cause][:response][:body][:errors][0] || nil
+
+      if !serverError.nil? && serverError[:name] == ForestLiana::MESSAGES[:SERVER_TRANSACTION][:names][:TWO_FACTOR_AUTHENTICATION_REQUIRED]
+        return ForestLiana::Errors::TwoFactorAuthenticationRequiredError.new()
+      end
+
+      return StandardError.new(error)
+    end
   end
 end

data/app/services/forest_liana/oidc_client_manager.rb

@@ -8,11 +8,15 @@ module ForestLiana
         if client_data.nil?
           configuration = ForestLiana::OidcConfigurationRetriever.retrieve()
 
-          client_credentials = ForestLiana::OidcDynamicClientRegistrator.register({
-            token_endpoint_auth_method: 'none',
-            redirect_uris: [callback_url],
-            registration_endpoint: configuration['registration_endpoint']
-          })
+          if ForestLiana.forest_client_id.nil?
+            client_credentials = ForestLiana::OidcDynamicClientRegistrator.register({
+              token_endpoint_auth_method: 'none',
+              redirect_uris: [callback_url],
+              registration_endpoint: configuration['registration_endpoint']
+            })
+          else
+            client_credentials = { 'client_id' => ForestLiana.forest_client_id }
+          end
 
           client_data = { :client_id => client_credentials['client_id'], :issuer => configuration['issuer'] }
           Rails.cache.write(callback_url, client_data)

data/app/services/forest_liana/resource_creator.rb

@@ -53,7 +53,7 @@ module ForestLiana
     end
 
     def has_strong_parameter
-      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update_attributes!).arity == 1
+      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update!).arity == 1
     end
   end
 end

data/app/services/forest_liana/resource_updater.rb

@@ -14,9 +14,9 @@ module ForestLiana
         @record = @resource.find(@params[:id])
 
         if has_strong_parameter
-          @record.update_attributes(resource_params)
+          @record.update(resource_params)
         else
-          @record.update_attributes(resource_params, without_protection: true)
+          @record.update(resource_params, without_protection: true)
         end
       rescue ActiveRecord::StatementInvalid => exception
         # NOTICE: SQL request cannot be executed properly
@@ -33,7 +33,7 @@ module ForestLiana
     end
 
     def has_strong_parameter
-      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update_attributes!).arity == 1
+      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update!).arity == 1
     end
   end
 end

data/app/services/forest_liana/schema_utils.rb

@@ -2,9 +2,14 @@ module ForestLiana
   class SchemaUtils
 
     def self.associations(active_record_class)
-      active_record_class
-        .reflect_on_all_associations
-        .select { |association| !polymorphic?(association) && !is_active_type?(association.klass) }
+      active_record_class.reflect_on_all_associations.select do |association|
+        begin
+          !polymorphic?(association) && !is_active_type?(association.klass)
+        rescue
+          FOREST_LOGGER.warn "Unknown association #{association.name} on class #{active_record_class.name}"
+          false
+        end
+      end
     end
 
     def self.one_associations(active_record_class)

data/app/services/forest_liana/stripe_invoice_getter.rb

@@ -11,7 +11,7 @@ module ForestLiana
       query = {}
       @record = ::Stripe::Invoice.retrieve(@params[:invoice_id])
 
-      @record.date = Time.at(@record.date).to_datetime
+      @record.due_date = Time.at(@record.due_date).to_datetime unless @record.due_date.nil?
       @record.period_start = Time.at(@record.period_start).to_datetime
       @record.period_end = Time.at(@record.period_end).to_datetime
       @record.subtotal /= 100.00

data/app/services/forest_liana/stripe_invoices_getter.rb

@@ -32,7 +32,7 @@ module ForestLiana
         end
 
         @records = @invoices.data.map do |d|
-          d.date = Time.at(d.date).to_datetime
+          d.date = Time.at(d.created).to_datetime
           d.period_start = Time.at(d.period_start).to_datetime
           d.period_end = Time.at(d.period_end).to_datetime
           d.subtotal /= 100.00

data/app/services/forest_liana/stripe_source_getter.rb

@@ -12,7 +12,7 @@ module ForestLiana
       customer = resource[field]
 
       @record = ::Stripe::Customer
-        .retrieve(customer)
+        .retrieve({ id: customer, expand: ['sources'] })
         .sources.retrieve(@params[:objectId])
 
       query = {}

data/app/services/forest_liana/stripe_sources_getter.rb

@@ -32,7 +32,7 @@ module ForestLiana
 
     def fetch_bank_accounts(customer, params)
       begin
-        @cards = ::Stripe::Customer.retrieve(customer).sources.list(params)
+        @cards = ::Stripe::Customer.retrieve({ id: customer, expand: ['sources'] }).sources.list(params)
         if @cards.blank?
           @records = []
           return

data/config/initializers/error-messages.rb

@@ -15,6 +15,9 @@ module ForestLiana
       INVALID_RENDERING_ID: "The parameter renderingId is not valid",
       REGISTRATION_FAILED: "The registration to the authentication API failed, response: ",
       OIDC_CONFIGURATION_RETRIEVAL_FAILED: "Failed to retrieve the provider's configuration.",
+      names: {
+        TWO_FACTOR_AUTHENTICATION_REQUIRED: 'TwoFactorAuthenticationRequiredForbiddenError',
+      }
     }
   }
 end

data/config/initializers/errors.rb

@@ -14,12 +14,13 @@ module ForestLiana
     end
 
     class ExpectedError < StandardError
-      attr_reader :error_code, :status, :message
+      attr_reader :error_code, :status, :message, :name
 
-      def initialize(error_code, status, message)
+      def initialize(error_code, status, message, name = nil)
         @error_code = error_code
         @status = status
         @message = message
+        @name = name
       end
 
       def display_error
@@ -45,6 +46,24 @@ module ForestLiana
       end
     end
 
+    class InconsistentSecretAndRenderingError < ExpectedError
+      def initialize(message=ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_AND_RENDERINGID_INCONSISTENT])
+        super(500, :internal_server_error, message, 'InconsistentSecretAndRenderingError')
+      end
+    end
+
+    class SecretNotFoundError < ExpectedError
+      def initialize(message=ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_NOT_FOUND])
+        super(500, :internal_server_error, message, 'SecretNotFoundError')
+      end
+    end
+
+    class TwoFactorAuthenticationRequiredError < ExpectedError
+      def initialize(message='Two factor authentication required')
+        super(403, :forbidden, message, 'TwoFactorAuthenticationRequiredError')
+      end
+    end
+
     class ExceptionHelper
       def self.recursively_print(error, margin: '', is_error: false)
         logger = is_error ?

data/config/routes.rb

@@ -9,10 +9,6 @@ ForestLiana::Engine.routes.draw do
   get 'authentication/callback' => 'authentication#authentication_callback'
   post 'authentication/logout' => 'authentication#logout'
 
-  # Session
-  post 'sessions' => 'sessions#create_with_password'
-  post 'sessions-google' => 'sessions#create_with_google'
-
   # Associations
   get ':collection/:id/relationships/:association_name' => 'associations#index'
   get ':collection/:id/relationships/:association_name/count' => 'associations#count'

data/lib/forest_liana.rb

@@ -16,6 +16,7 @@ module ForestLiana
 
   mattr_accessor :env_secret
   mattr_accessor :auth_secret
+  mattr_accessor :forest_client_id
   mattr_accessor :application_url
   mattr_accessor :integrations
   mattr_accessor :apimap

data/lib/forest_liana/bootstrapper.rb

@@ -18,6 +18,13 @@ module ForestLiana
         ForestLiana.auth_secret = ForestLiana.auth_key
       end
 
+      unless Rails.application.config.action_controller.perform_caching || Rails.env.test? || ForestLiana.forest_client_id
+        FOREST_LOGGER.error "You need to enable caching on your environment to use Forest Admin.\n" \
+          "For a development environment, run: `rails dev:cache`\n" \
+          "Or setup a static forest_client_id by following this part of the documentation:\n" \
+          "https://docs.forestadmin.com/documentation/how-tos/maintain/upgrade-notes-rails/upgrade-to-v6#setup-a-static-clientid"
+      end
+
       fetch_models
       check_integrations_setup
       namespace_duplicated_models
@@ -430,19 +437,19 @@ module ForestLiana
         fields: [
           { field: :id, type: 'String', is_filterable: false },
           { field: :amount_due, type: 'Number', is_filterable: false },
+          { field: :amount_paid, type: 'Number', is_filterable: false },
+          { field: :amount_remaining, type: 'Number', is_filterable: false },
+          { field: :application_fee_amount, type: 'Number', is_filterable: false },
           { field: :attempt_count, type: 'Number', is_filterable: false },
           { field: :attempted, type: 'Boolean', is_filterable: false },
-          { field: :closed, type: 'Boolean', is_filterable: false },
           { field: :currency, type: 'String', is_filterable: false },
-          { field: :date, type: 'Date', is_filterable: false },
-          { field: :forgiven, type: 'Boolean', is_filterable: false },
+          { field: :due_date, type: 'Date', is_filterable: false },
           { field: :period_start, type: 'Date', is_filterable: false },
           { field: :period_end, type: 'Date', is_filterable: false },
+          { field: :status, type: 'String', enums: ['draft', 'open', 'paid', 'uncollectible', 'void'], is_filterable: false },
           { field: :subtotal, type: 'Number', is_filterable: false },
           { field: :total, type: 'Number', is_filterable: false },
-          { field: :application_fee, type: 'Number', is_filterable: false },
           { field: :tax, type: 'Number', is_filterable: false },
-          { field: :tax_percent, type: 'Number', is_filterable: false },
           {
             field: :customer,
             type: 'String',

data/lib/forest_liana/version.rb

@@ -1,3 +1,3 @@
 module ForestLiana
-  VERSION = "6.0.0-beta.3"
+  VERSION = "6.0.3"
 end

data/lib/generators/forest_liana/install_generator.rb

@@ -5,6 +5,7 @@ module ForestLiana
     desc 'Forest Rails Liana installation generator'
 
     argument :env_secret, type: :string, required: true, desc: 'required', banner: 'env_secret'
+    argument :application_url, type: :string, required: false, desc: 'optional', banner: 'application_url', default: 'http://localhost:3000'
 
     def install
       if ForestLiana.env_secret.present?
@@ -27,35 +28,42 @@ module ForestLiana
       if File.exist? 'config/secrets.yml'
         inject_into_file 'config/secrets.yml', after: "development:\n" do
           "  forest_env_secret: #{env_secret}\n" +
-          "  forest_auth_secret: #{auth_secret}\n"
+          "  forest_auth_secret: #{auth_secret}\n" +
+          "  forest_application_url: #{application_url}\n"
         end
 
         inject_into_file 'config/secrets.yml', after: "staging:\n", force: true do
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
+          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
         end
 
         inject_into_file 'config/secrets.yml', after: "production:\n", force: true do
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
+          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
         end
       else
         create_file 'config/secrets.yml' do
           "development:\n" +
           "  forest_env_secret: #{env_secret}\n" +
           "  forest_auth_secret: #{auth_secret}\n" +
+          "  forest_application_url: #{application_url}\n" +
           "staging:\n" +
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
           "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
+          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n" +
           "production:\n" +
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
+          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
         end
       end
 
       initializer 'forest_liana.rb' do
         "ForestLiana.env_secret = Rails.application.secrets.forest_env_secret" +
-        "\nForestLiana.auth_secret = Rails.application.secrets.forest_auth_secret"
+        "\nForestLiana.auth_secret = Rails.application.secrets.forest_auth_secret" +
+        "\nForestLiana.application_url = Rails.application.secrets.forest_application_url"
       end
     end
   end