forest_liana 6.0.0.pre.beta.4 → 6.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3d299c9968621d0592da4e25c67969073237e6cf0eac69d0d898e6db6027ad14
-  data.tar.gz: bbb59dfd951086e62df9829124fcf57ef0b71d40550597abeaff3de07450c946
+  metadata.gz: 741046b8057ebd5d86f157a30718f97eaee9a4a07ad17cdd5ce45ddeae32cb5c
+  data.tar.gz: '0857804c6e7272e3178139a7d3967840f8d8f87c56b73a9ca122faf4270db18d'
 SHA512:
-  metadata.gz: 9b3dc3c43d682e085dd95066648471f779bd03da28b935eb645532e04da42ab75651d679291d03118355cba35379655878fa9a3a36a2fb945fbdb1ac35099748
-  data.tar.gz: 2bd81a3eb3aa40c9129b1afd5fc86004eb10bbe6115f422537f82ffbeec0d94be77c542f68ed5494688464f1857bee5b691187a95d86a45357ca6d3e07b7c400
+  metadata.gz: 8130addad197c5995881a9f5af072ee2a3e1099c177ae8a14f945448a06ef95363957054aa6c44e6980d03edfe3f7210aa34c8237f21dd08c2e7faaa4464c9c5
+  data.tar.gz: 649e455781ed81a414c96476ab9e2156b68bc04132a7bdd28fc46bf2106b1f0ebadf673059985f02f186c47aa91b67c27099f8799e3f5433769749521586d37d

data/app/controllers/forest_liana/actions_controller.rb

@@ -55,10 +55,20 @@ module ForestLiana
       # Apply result on fields (transform the object back to an array), preserve order.
       fields = action.fields.map do |field|
         updated_field = result[field[:field]]
+
         # Reset `value` when not present in `enums` (which means `enums` has changed).
-        if updated_field[:enums].is_a?(Array) && !updated_field[:enums].include?(updated_field[:value])
-          updated_field[:value] = nil
+        if updated_field[:enums].is_a?(Array)
+          # `value` can be an array if the type of fields is `[x]`
+          if updated_field[:type].is_a?(Array) && updated_field[:value].is_a?(Array) && !(updated_field[:value] - updated_field[:enums]).empty?
+            updated_field[:value] = nil
+          end
+
+          # `value` can be any other value
+          if !updated_field[:type].is_a?(Array) && !updated_field[:enums].include?(updated_field[:value])
+            updated_field[:value] = nil
+          end
         end
+
         updated_field
       end
 

data/app/controllers/forest_liana/authentication_controller.rb

@@ -17,7 +17,7 @@ module ForestLiana
     end
   
     def get_callback_url
-        URI.join(ForestLiana.application_url, "/forest/#{CALLBACK_AUTHENTICATION_ROUTE}").to_s
+      File.join(ForestLiana.application_url, "/forest/#{CALLBACK_AUTHENTICATION_ROUTE}").to_s
     rescue => error
       raise "application_url is not valid or not defined" if error.is_a?(ArgumentError)
     end
@@ -61,33 +61,17 @@ module ForestLiana
           callback_url,
           params,
         )
-    
-        response.set_cookie(
-          'forest_session_token',
-          {
-            value: token,
-            httponly: true,
-            secure: true,
-            expires: ForestLiana::Token.expiration_in_days,
-            samesite: 'none',
-            path: '/'
-          },
-        )
 
         response_body = {
+          token: token,
           tokenData: JWT.decode(token, ForestLiana.auth_secret, true, { algorithm: 'HS256' })[0]
         }
 
-        # The token is sent decoded, because we don't want to share the whole, signed token
-        # that is used to authenticate people
-        # but the token itself contains interesting values, such as its expiration date
-        response_body[:token] = token if !ForestLiana.application_url.start_with?('https://')
-
         render json: response_body, status: 200
 
       rescue => error
-        render json: { errors: [{ status: 500, detail: error.message }] },
-          status: :internal_server_error, serializer: nil
+        render json: { errors: [{ status: error.try(:error_code) || 500, detail: error.try(:message) }] },
+          status: error.try(:status) || :internal_server_error, serializer: nil
       end
     end
 
@@ -104,7 +88,7 @@ module ForestLiana
                 httponly: true,
                 secure: true,
                 expires: Time.at(0),
-                samesite: 'none',
+                same_site: :None,
                 path: '/'
               },
             )

data/app/serializers/forest_liana/stripe_invoice_serializer.rb

@@ -3,20 +3,20 @@ module ForestLiana
     include JSONAPI::Serializer
 
     attribute :amount_due
+    attribute :amount_paid
+    attribute :amount_remaining
+    attribute :application_fee_amount
     attribute :attempt_count
     attribute :attempted
-    attribute :closed
     attribute :currency
-    attribute :date
-    attribute :forgiven
+    attribute :due_date
     attribute :paid
     attribute :period_end
     attribute :period_start
+    attribute :status
     attribute :subtotal
     attribute :total
-    attribute :application_fee
     attribute :tax
-    attribute :tax_percent
 
     has_one :customer
 

data/app/services/forest_liana/authentication.rb

@@ -26,9 +26,7 @@ module ForestLiana
 
       user = ForestLiana::AuthorizationGetter.authenticate(
         rendering_id,
-        true,
         { :forest_token => access_token_instance.instance_variable_get(:@access_token) },
-        nil,
       )
 
       return ForestLiana::Token.create_token(user, rendering_id)

data/app/services/forest_liana/authorization_getter.rb

@@ -1,23 +1,12 @@
 module ForestLiana
   class AuthorizationGetter
-    def self.authenticate(rendering_id, use_google_authentication, auth_data, two_factor_registration)
+    def self.authenticate(rendering_id, auth_data)
       begin
         route = "/liana/v2/renderings/#{rendering_id.to_s}/authorization"
-
-        if !use_google_authentication.nil?
-          headers = { 'forest-token' => auth_data[:forest_token] }
-        elsif !auth_data[:email].nil?
-          headers = { 'email' => auth_data[:email], 'password' => auth_data[:password] }
-        end
-
-        query_parameters = {}
-
-        unless two_factor_registration.nil?
-          query_parameters['two-factor-registration'] = true
-        end
+        headers = { 'forest-token' => auth_data[:forest_token] }
 
         response = ForestLiana::ForestApiRequester
-          .get(route, query: query_parameters, headers: headers)
+          .get(route, query: {}, headers: headers)
 
         if response.code.to_i == 200
           body = JSON.parse(response.body, :symbolize_names => false)
@@ -25,15 +14,28 @@ module ForestLiana
           user['id'] = body['data']['id']
           user
         else
-          unless use_google_authentication.nil?
-            raise "Cannot authorize the user using this google account. Forest API returned an #{Errors::HTTPErrorHelper.format(response)}"
-          else
-            raise "Cannot authorize the user using this email/password. Forest API returned an #{Errors::HTTPErrorHelper.format(response)}"
-          end
+          raise generate_authentication_error response
         end
-      rescue
-        raise ForestLiana::Errors::HTTP401Error
       end
     end
+
+    private
+    def self.generate_authentication_error(error)
+      case error[:message]
+      when ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_AND_RENDERINGID_INCONSISTENT]
+        return ForestLiana::Errors::InconsistentSecretAndRenderingError.new()
+      when ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_NOT_FOUND]
+        return ForestLiana::Errors::SecretNotFoundError.new()
+      else
+      end
+
+      serverError = error[:jse_cause][:response][:body][:errors][0] || nil
+
+      if !serverError.nil? && serverError[:name] == ForestLiana::MESSAGES[:SERVER_TRANSACTION][:names][:TWO_FACTOR_AUTHENTICATION_REQUIRED]
+        return ForestLiana::Errors::TwoFactorAuthenticationRequiredError.new()
+      end
+
+      return StandardError.new(error)
+    end
   end
 end

data/app/services/forest_liana/oidc_client_manager.rb

@@ -15,7 +15,7 @@ module ForestLiana
               registration_endpoint: configuration['registration_endpoint']
             })
           else
-            client_credentials['client_id'] = ForestLiana.forest_client_id
+            client_credentials = { 'client_id' => ForestLiana.forest_client_id }
           end
 
           client_data = { :client_id => client_credentials['client_id'], :issuer => configuration['issuer'] }

data/app/services/forest_liana/resource_creator.rb

@@ -53,7 +53,7 @@ module ForestLiana
     end
 
     def has_strong_parameter
-      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update_attributes!).arity == 1
+      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update!).arity == 1
     end
   end
 end

data/app/services/forest_liana/resource_updater.rb

@@ -14,9 +14,9 @@ module ForestLiana
         @record = @resource.find(@params[:id])
 
         if has_strong_parameter
-          @record.update_attributes(resource_params)
+          @record.update(resource_params)
         else
-          @record.update_attributes(resource_params, without_protection: true)
+          @record.update(resource_params, without_protection: true)
         end
       rescue ActiveRecord::StatementInvalid => exception
         # NOTICE: SQL request cannot be executed properly
@@ -33,7 +33,7 @@ module ForestLiana
     end
 
     def has_strong_parameter
-      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update_attributes!).arity == 1
+      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update!).arity == 1
     end
   end
 end

data/app/services/forest_liana/schema_utils.rb

@@ -2,9 +2,14 @@ module ForestLiana
   class SchemaUtils
 
     def self.associations(active_record_class)
-      active_record_class
-        .reflect_on_all_associations
-        .select { |association| !polymorphic?(association) && !is_active_type?(association.klass) }
+      active_record_class.reflect_on_all_associations.select do |association|
+        begin
+          !polymorphic?(association) && !is_active_type?(association.klass)
+        rescue
+          FOREST_LOGGER.warn "Unknown association #{association.name} on class #{active_record_class.name}"
+          false
+        end
+      end
     end
 
     def self.one_associations(active_record_class)

data/app/services/forest_liana/stripe_invoice_getter.rb

@@ -11,7 +11,7 @@ module ForestLiana
       query = {}
       @record = ::Stripe::Invoice.retrieve(@params[:invoice_id])
 
-      @record.date = Time.at(@record.date).to_datetime
+      @record.due_date = Time.at(@record.due_date).to_datetime unless @record.due_date.nil?
       @record.period_start = Time.at(@record.period_start).to_datetime
       @record.period_end = Time.at(@record.period_end).to_datetime
       @record.subtotal /= 100.00

data/app/services/forest_liana/stripe_invoices_getter.rb

@@ -32,7 +32,7 @@ module ForestLiana
         end
 
         @records = @invoices.data.map do |d|
-          d.date = Time.at(d.date).to_datetime
+          d.date = Time.at(d.created).to_datetime
           d.period_start = Time.at(d.period_start).to_datetime
           d.period_end = Time.at(d.period_end).to_datetime
           d.subtotal /= 100.00

data/app/services/forest_liana/stripe_source_getter.rb

@@ -12,7 +12,7 @@ module ForestLiana
       customer = resource[field]
 
       @record = ::Stripe::Customer
-        .retrieve(customer)
+        .retrieve({ id: customer, expand: ['sources'] })
         .sources.retrieve(@params[:objectId])
 
       query = {}

data/app/services/forest_liana/stripe_sources_getter.rb

@@ -32,7 +32,7 @@ module ForestLiana
 
     def fetch_bank_accounts(customer, params)
       begin
-        @cards = ::Stripe::Customer.retrieve(customer).sources.list(params)
+        @cards = ::Stripe::Customer.retrieve({ id: customer, expand: ['sources'] }).sources.list(params)
         if @cards.blank?
           @records = []
           return

data/config/initializers/error-messages.rb

@@ -15,6 +15,9 @@ module ForestLiana
       INVALID_RENDERING_ID: "The parameter renderingId is not valid",
       REGISTRATION_FAILED: "The registration to the authentication API failed, response: ",
       OIDC_CONFIGURATION_RETRIEVAL_FAILED: "Failed to retrieve the provider's configuration.",
+      names: {
+        TWO_FACTOR_AUTHENTICATION_REQUIRED: 'TwoFactorAuthenticationRequiredForbiddenError',
+      }
     }
   }
 end

data/config/initializers/errors.rb

@@ -14,12 +14,13 @@ module ForestLiana
     end
 
     class ExpectedError < StandardError
-      attr_reader :error_code, :status, :message
+      attr_reader :error_code, :status, :message, :name
 
-      def initialize(error_code, status, message)
+      def initialize(error_code, status, message, name = nil)
         @error_code = error_code
         @status = status
         @message = message
+        @name = name
       end
 
       def display_error
@@ -45,6 +46,24 @@ module ForestLiana
       end
     end
 
+    class InconsistentSecretAndRenderingError < ExpectedError
+      def initialize(message=ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_AND_RENDERINGID_INCONSISTENT])
+        super(500, :internal_server_error, message, 'InconsistentSecretAndRenderingError')
+      end
+    end
+
+    class SecretNotFoundError < ExpectedError
+      def initialize(message=ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_NOT_FOUND])
+        super(500, :internal_server_error, message, 'SecretNotFoundError')
+      end
+    end
+
+    class TwoFactorAuthenticationRequiredError < ExpectedError
+      def initialize(message='Two factor authentication required')
+        super(403, :forbidden, message, 'TwoFactorAuthenticationRequiredError')
+      end
+    end
+
     class ExceptionHelper
       def self.recursively_print(error, margin: '', is_error: false)
         logger = is_error ?

data/config/routes.rb

@@ -9,10 +9,6 @@ ForestLiana::Engine.routes.draw do
   get 'authentication/callback' => 'authentication#authentication_callback'
   post 'authentication/logout' => 'authentication#logout'
 
-  # Session
-  post 'sessions' => 'sessions#create_with_password'
-  post 'sessions-google' => 'sessions#create_with_google'
-
   # Associations
   get ':collection/:id/relationships/:association_name' => 'associations#index'
   get ':collection/:id/relationships/:association_name/count' => 'associations#count'

data/lib/forest_liana/bootstrapper.rb

@@ -18,6 +18,13 @@ module ForestLiana
         ForestLiana.auth_secret = ForestLiana.auth_key
       end
 
+      unless Rails.application.config.action_controller.perform_caching || Rails.env.test? || ForestLiana.forest_client_id
+        FOREST_LOGGER.error "You need to enable caching on your environment to use Forest Admin.\n" \
+          "For a development environment, run: `rails dev:cache`\n" \
+          "Or setup a static forest_client_id by following this part of the documentation:\n" \
+          "https://docs.forestadmin.com/documentation/how-tos/maintain/upgrade-notes-rails/upgrade-to-v6#setup-a-static-clientid"
+      end
+
       fetch_models
       check_integrations_setup
       namespace_duplicated_models
@@ -430,19 +437,19 @@ module ForestLiana
         fields: [
           { field: :id, type: 'String', is_filterable: false },
           { field: :amount_due, type: 'Number', is_filterable: false },
+          { field: :amount_paid, type: 'Number', is_filterable: false },
+          { field: :amount_remaining, type: 'Number', is_filterable: false },
+          { field: :application_fee_amount, type: 'Number', is_filterable: false },
           { field: :attempt_count, type: 'Number', is_filterable: false },
           { field: :attempted, type: 'Boolean', is_filterable: false },
-          { field: :closed, type: 'Boolean', is_filterable: false },
           { field: :currency, type: 'String', is_filterable: false },
-          { field: :date, type: 'Date', is_filterable: false },
-          { field: :forgiven, type: 'Boolean', is_filterable: false },
+          { field: :due_date, type: 'Date', is_filterable: false },
           { field: :period_start, type: 'Date', is_filterable: false },
           { field: :period_end, type: 'Date', is_filterable: false },
+          { field: :status, type: 'String', enums: ['draft', 'open', 'paid', 'uncollectible', 'void'], is_filterable: false },
           { field: :subtotal, type: 'Number', is_filterable: false },
           { field: :total, type: 'Number', is_filterable: false },
-          { field: :application_fee, type: 'Number', is_filterable: false },
           { field: :tax, type: 'Number', is_filterable: false },
-          { field: :tax_percent, type: 'Number', is_filterable: false },
           {
             field: :customer,
             type: 'String',

data/lib/forest_liana/version.rb

@@ -1,3 +1,3 @@
 module ForestLiana
-  VERSION = "6.0.0-beta.4"
+  VERSION = "6.0.4"
 end

data/lib/generators/forest_liana/install_generator.rb

@@ -5,6 +5,7 @@ module ForestLiana
     desc 'Forest Rails Liana installation generator'
 
     argument :env_secret, type: :string, required: true, desc: 'required', banner: 'env_secret'
+    argument :application_url, type: :string, required: false, desc: 'optional', banner: 'application_url', default: 'http://localhost:3000'
 
     def install
       if ForestLiana.env_secret.present?
@@ -27,35 +28,42 @@ module ForestLiana
       if File.exist? 'config/secrets.yml'
         inject_into_file 'config/secrets.yml', after: "development:\n" do
           "  forest_env_secret: #{env_secret}\n" +
-          "  forest_auth_secret: #{auth_secret}\n"
+          "  forest_auth_secret: #{auth_secret}\n" +
+          "  forest_application_url: #{application_url}\n"
         end
 
         inject_into_file 'config/secrets.yml', after: "staging:\n", force: true do
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
+          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
         end
 
         inject_into_file 'config/secrets.yml', after: "production:\n", force: true do
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
+          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
         end
       else
         create_file 'config/secrets.yml' do
           "development:\n" +
           "  forest_env_secret: #{env_secret}\n" +
           "  forest_auth_secret: #{auth_secret}\n" +
+          "  forest_application_url: #{application_url}\n" +
           "staging:\n" +
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
           "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
+          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n" +
           "production:\n" +
           "  forest_env_secret: <%= ENV[\"FOREST_ENV_SECRET\"] %>\n" +
-          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n"
+          "  forest_auth_secret: <%= ENV[\"FOREST_AUTH_SECRET\"] %>\n" +
+          "  forest_application_url: <%= ENV[\"FOREST_APPLICATION_URL\"] %>\n"
         end
       end
 
       initializer 'forest_liana.rb' do
         "ForestLiana.env_secret = Rails.application.secrets.forest_env_secret" +
-        "\nForestLiana.auth_secret = Rails.application.secrets.forest_auth_secret"
+        "\nForestLiana.auth_secret = Rails.application.secrets.forest_auth_secret" +
+        "\nForestLiana.application_url = Rails.application.secrets.forest_application_url"
       end
     end
   end