forest_liana 9.1.10 → 9.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1a0e913808b061b713f2f30f49f2a06c43fa7b47089e1d917a9eedd0090d5750
-  data.tar.gz: 51b70d6fbc9333e273587c63f5f1b48a6b0a6d679c8265bcd8374a8e2416c1af
+  metadata.gz: e03a8e20588dbaae629e6d3a0e841165702096c4cb93d7bab098b17fb964dc7d
+  data.tar.gz: 4537f312e7a7505582bf7bbe3416fe1e07d0c5d89164b5cb5b0fd36df9a9f9e3
 SHA512:
-  metadata.gz: 0ec7cd50fb18a1ddb46e069e78729005c1676294550971c80a4452010d776e6ca095f756cfc29a57f36bb14a7ac5aa81d2fdf55b212f63772b5c7f5fe686d646
-  data.tar.gz: 22e270257029f42d3669aa5b55c786aa3865534db5be8d28de9f12c172f6f6b3515a72f8d1933ed82f4bef137db9c506cd5beeb598a84bdb08ff95ba98d86a5c
+  metadata.gz: ad85c58f1801544aa70ff0f73419ab2182e4422529935eaec4ea1075d806221be459127b6efcb61833a28614ce619ab5468aec88a5358f8539beeb395152c085
+  data.tar.gz: 8366c1bac0370223df91aeb1da2f4a258732b7e24511b81dd95375d0073a45b4172db7fcdb37fa52cf91d0546b9235ec2be5d13bd57a1802431b298e42753781

data/app/services/forest_liana/ability/permission/smart_action_checker.rb

@@ -49,7 +49,7 @@ module ForestLiana
           begin
             attributes = @parameters[:data][:attributes]
             records = FiltersParser.new(
-              @smart_action[condition_name][0]['filter'].to_json,
+              @smart_action[condition_name][0]['filter'],
               @collection,
               @parameters[:timezone],
               @parameters

data/app/services/forest_liana/filters_parser.rb

@@ -3,7 +3,7 @@ module ForestLiana
     AGGREGATOR_OPERATOR = %w(and or)
 
     def initialize(filters, resource, timezone, params = nil)
-      @filters = filters.instance_of?(ActionController::Parameters) ? filters.to_h : JSON.parse(filters)
+      @filters = filters
       @params = params
       @resource = resource
       @operator_date_parser = OperatorDateIntervalParser.new(timezone)
@@ -87,10 +87,6 @@ module ForestLiana
       value = condition['value']
       field_name = condition['field']
 
-      if value.is_a?(String) && value.start_with?('{{')
-        value = @params[:contextVariables][value.gsub(/[{}]/, '')]
-      end
-
       if @operator_date_parser.is_date_operator?(operator)
         condition = @operator_date_parser.get_date_filter(operator, value)
         return "#{parse_field_name(field_name)} #{condition}"

data/app/services/forest_liana/leaderboard_stat_getter.rb

@@ -27,7 +27,7 @@ module ForestLiana
     end
 
     def get_scoped_model(model, forest_user, timezone)
-      scope_filters = ForestLiana::ScopeManager.get_scope_for_user(forest_user, model.name, as_string: true)
+      scope_filters = ForestLiana::ScopeManager.get_scope(model.name, forest_user)
 
       return model.unscoped if scope_filters.blank?
 

data/app/services/forest_liana/line_stat_getter.rb

@@ -25,7 +25,7 @@ module ForestLiana
     def perform
       value = get_resource()
 
-      filters = ForestLiana::ScopeManager.append_scope_for_user(@params[:filter], @user, @resource.name)
+      filters = ForestLiana::ScopeManager.append_scope_for_user(@params[:filter], @user, @resource.name, @params['contextVariables'])
 
       unless filters.blank?
         value = FiltersParser.new(filters, @resource, @params[:timezone], @params).apply_filters

data/app/services/forest_liana/pie_stat_getter.rb

@@ -7,7 +7,7 @@ module ForestLiana
         timezone_offset = @params[:timezone].to_i
         resource = optimize_record_loading(@resource, get_resource)
 
-        filters = ForestLiana::ScopeManager.append_scope_for_user(@params[:filter], @user, @resource.name)
+        filters = ForestLiana::ScopeManager.append_scope_for_user(@params[:filter], @user, @resource.name, @params['contextVariables'])
 
         unless filters.blank?
           resource = FiltersParser.new(filters, resource, @params[:timezone], @params).apply_filters

data/app/services/forest_liana/scope_manager.rb

@@ -1,20 +1,19 @@
 module ForestLiana
   class ScopeManager
-    @@scopes_cache = Hash.new
-    # 5 minutes exipration cache
+    # 5 minutes expiration cache
     @@scope_cache_expiration_delta = 300
 
-    def self.apply_scopes_on_records(records, forest_user, collection_name, timezone)
-      scope_filters = get_scope_for_user(forest_user, collection_name, as_string: true)
+    def self.apply_scopes_on_records(records, user, collection_name, timezone)
+      scope_filters = get_scope(collection_name, user)
 
       return records if scope_filters.blank?
 
       FiltersParser.new(scope_filters, records, timezone).apply_filters
     end
 
-    def self.append_scope_for_user(existing_filter, user, collection_name)
-      existing_filter = existing_filter.to_json if existing_filter.is_a?(ActionController::Parameters)
-      scope_filter = get_scope_for_user(user, collection_name, as_string: true)
+    def self.append_scope_for_user(existing_filter, user, collection_name, request_context_variables = nil)
+      existing_filter = inject_context_variables(existing_filter, user, request_context_variables) if existing_filter
+      scope_filter = get_scope(collection_name, user, request_context_variables)
       filters = [existing_filter, scope_filter].compact
 
       case filters.length
@@ -23,80 +22,57 @@ module ForestLiana
       when 1
         filters[0]
       else
-        "{\"aggregator\":\"and\",\"conditions\":[#{existing_filter},#{scope_filter}]}"
+        { 'aggregator' => 'and', 'conditions' => [existing_filter, scope_filter] }
       end
     end
 
-    def self.get_scope_for_user(user, collection_name, as_string: false)
-      raise 'Missing required rendering_id' unless user['rendering_id']
-      raise 'Missing required collection_name' unless collection_name
+    def self.get_scope(collection_name, user, request_context_variables = nil)
+      retrieve = fetch_scopes(user['rendering_id'])
+      scope = retrieve['scopes'][collection_name]
 
-      collection_scope = get_collection_scope(user['rendering_id'], collection_name)
+      return nil if scope.nil?
 
-      return nil unless collection_scope
-
-      filters = format_dynamic_values(user['id'], collection_scope)
-
-      as_string && filters ? JSON.generate(filters) : filters
+      inject_context_variables(scope, user, request_context_variables)
     end
 
-    def self.get_collection_scope(rendering_id, collection_name)
-      if !@@scopes_cache[rendering_id]
-        # when scope cache is unset wait for the refresh
-        refresh_scopes_cache(rendering_id)
-      elsif has_cache_expired?(rendering_id)
-        # when cache expired refresh the scopes without waiting for it
-        Thread.new { refresh_scopes_cache(rendering_id) }
-      end
+    def self.inject_context_variables(filter, user, request_context_variables = nil)
+      filter = JSON.parse(filter) if filter.is_a? String
 
-      @@scopes_cache[rendering_id][:scopes][collection_name].deep_dup
-    end
+      retrieve = fetch_scopes(user['rendering_id'])
+      context_variables = Utils::ContextVariables.new(retrieve['team'], user, request_context_variables)
 
-    def self.has_cache_expired?(rendering_id)
-      rendering_scopes = @@scopes_cache[rendering_id]
-      return true unless rendering_scopes
-
-      second_since_last_fetch = Time.now - rendering_scopes[:fetched_at]
-      second_since_last_fetch >= @@scope_cache_expiration_delta
+      Utils::ContextVariablesInjector.inject_context_in_filter(filter, context_variables)
     end
 
-    def self.refresh_scopes_cache(rendering_id)
-      scopes = fetch_scopes(rendering_id)
-      @@scopes_cache[rendering_id] = {
-        :fetched_at => Time.now,
-        :scopes => scopes
-      }
+    def self.invalidate_scope_cache(rendering_id)
+      Rails.cache.delete('forest.scopes.' + rendering_id.to_s)
     end
 
     def self.fetch_scopes(rendering_id)
-      query_parameters = { 'renderingId' => rendering_id }
-      response = ForestLiana::ForestApiRequester.get('/liana/scopes', query: query_parameters)
+      response = ForestLiana::ForestApiRequester.get("/liana/v4/permissions/renderings/#{rendering_id}")
 
       if response.is_a?(Net::HTTPOK)
-        JSON.parse(response.body)
+        Rails.cache.fetch('forest.scopes.' + rendering_id.to_s, expires_in: @@scope_cache_expiration_delta) do
+          data = {}
+          parse_response = JSON.parse(response.body)
+
+          data['scopes'] = decode_scope(parse_response['collections'])
+          data['team'] = parse_response['team']
+
+          data
+        end
       else
         raise 'Unable to fetch scopes'
       end
     end
 
-    def self.format_dynamic_values(user_id, collection_scope)
-      filter = collection_scope.dig('scope', 'filter')
-      return nil unless filter
-
-      dynamic_scopes_values = collection_scope.dig('scope', 'dynamicScopesValues')
-
-      # Only goes one level deep as required for now
-      filter['conditions'].map do |condition|
-        value = condition['value']
-        if value.is_a?(String) && value.start_with?('$currentUser')
-          condition['value'] = dynamic_scopes_values.dig('users', user_id, value)
-        end
+    def self.decode_scope(raw_scopes)
+      scopes = {}
+      raw_scopes.each do |collection_name, value|
+        scopes[collection_name] = value['scope'] unless value['scope'].nil?
       end
-      filter
-    end
 
-    def self.invalidate_scope_cache(rendering_id)
-      @@scopes_cache.delete(rendering_id)
+      scopes
     end
   end
 end

data/app/services/forest_liana/utils/context_variables.rb

@@ -0,0 +1,41 @@
+module ForestLiana
+  module Utils
+    class ContextVariables
+      attr_reader :team, :user, :request_context_variables
+
+      USER_VALUE_PREFIX = 'currentUser.'.freeze
+
+      USER_VALUE_TAG_PREFIX = 'currentUser.tags.'.freeze
+
+      USER_VALUE_TEAM_PREFIX = 'currentUser.team.'.freeze
+
+      def initialize(team, user, request_context_variables = nil)
+        @team = team
+        @user = user
+        @request_context_variables = request_context_variables
+      end
+
+      def get_value(context_variable_key)
+        return get_current_user_data(context_variable_key) if context_variable_key.start_with?(USER_VALUE_PREFIX)
+
+        request_context_variables[context_variable_key] if request_context_variables
+      end
+
+      private
+
+      def get_current_user_data(context_variable_key)
+        if context_variable_key.start_with?(USER_VALUE_TEAM_PREFIX)
+          return team[context_variable_key[USER_VALUE_TEAM_PREFIX.length..]]
+        end
+
+        if context_variable_key.start_with?(USER_VALUE_TAG_PREFIX)
+          user['tags'].each do |tag|
+            return tag[context_variable_key[USER_VALUE_TAG_PREFIX.length..]] if tag.key?(context_variable_key[USER_VALUE_TAG_PREFIX.length..])
+          end
+        end
+
+        user[context_variable_key[USER_VALUE_PREFIX.length..]]
+      end
+    end
+  end
+end

data/app/services/forest_liana/utils/context_variables_injector.rb

@@ -0,0 +1,53 @@
+module ForestLiana
+  module Utils
+    class ContextVariablesInjector
+
+      def self.inject_context_in_value(value, context_variables)
+        inject_context_in_value_custom(value) do |context_variable_key|
+          context_variables.get_value(context_variable_key).to_s
+        end
+      end
+
+      def self.inject_context_in_value_custom(value)
+        return value unless value.is_a?(String)
+
+        value_with_context_variables_injected = value
+        regex = /{{([^}]+)}}/
+        encountered_variables = []
+
+        while (match = regex.match(value_with_context_variables_injected))
+          context_variable_key = match[1]
+
+          unless encountered_variables.include?(context_variable_key)
+            value_with_context_variables_injected.gsub!(
+              /{{#{context_variable_key}}}/,
+              yield(context_variable_key)
+            )
+          end
+
+          encountered_variables.push(context_variable_key)
+        end
+
+        value_with_context_variables_injected
+      end
+
+      def self.inject_context_in_filter(filter, context_variables)
+        return nil unless filter
+
+        if filter.key? 'aggregator'
+          return {
+            'aggregator' => filter['aggregator'],
+            'conditions' => filter['conditions'].map { |condition| inject_context_in_filter(condition, context_variables) }
+          }
+        end
+
+        {
+          'field' => filter['field'],
+          'operator' => filter['operator'],
+          'value' => inject_context_in_value(filter['value'], context_variables)
+        }
+
+      end
+    end
+  end
+end

data/app/services/forest_liana/value_stat_getter.rb

@@ -6,7 +6,7 @@ module ForestLiana
       return if @params[:aggregator].blank?
       resource = optimize_record_loading(@resource, get_resource)
 
-      filters = ForestLiana::ScopeManager.append_scope_for_user(@params[:filter], @user, @resource.name)
+      filters = ForestLiana::ScopeManager.append_scope_for_user(@params[:filter], @user, @resource.name, @params['contextVariables'])
 
       unless filters.blank?
         filter_parser = FiltersParser.new(filters, resource, @params[:timezone], @params)

data/lib/forest_liana/version.rb

@@ -1,3 +1,3 @@
 module ForestLiana
-  VERSION = "9.1.10"
+  VERSION = "9.2.1"
 end

data/spec/requests/actions_controller_spec.rb

@@ -2,7 +2,7 @@ require 'rails_helper'
 
 describe 'Requesting Actions routes', :type => :request  do
   let(:rendering_id) { 13 }
-  let(:scope_filters) { nil }
+  let(:scope_filters) { {'scopes' => {}, 'team' => {'id' => '1', 'name' => 'Operations'}} }
 
   before(:each) do
     allow(ForestLiana::IpWhitelist).to receive(:is_ip_whitelist_retrieved) { true }
@@ -10,7 +10,7 @@ describe 'Requesting Actions routes', :type => :request  do
     Island.create(id: 1, name: 'Corsica')
 
     ForestLiana::ScopeManager.invalidate_scope_cache(rendering_id)
-    allow(ForestLiana::ScopeManager).to receive(:get_scope_for_user).and_return(scope_filters)
+    allow(ForestLiana::ScopeManager).to receive(:fetch_scopes).and_return(scope_filters)
   end
 
   after(:each) do
@@ -291,7 +291,21 @@ describe 'Requesting Actions routes', :type => :request  do
 
     describe 'with scopes' do
       describe 'when record is in scope' do
-        let(:scope_filters) { JSON.generate({ field: 'name', operator: 'equal', value: 'Corsica' }) }
+        let(:scope_filters) {
+          {
+            'scopes' =>
+              {
+                'Island' => {
+                  'aggregator' => 'and',
+                  'conditions' => [{'field' => 'name', 'operator' => 'equal', 'value' => 'Corsica'}]
+                }
+              },
+            'team' => {
+              'id' => 43,
+              'name' => 'Operations'
+            }
+          }
+        }
 
         it 'should respond 200 and perform the action' do
           post '/forest/actions/test', params: JSON.dump(params), headers: headers
@@ -301,7 +315,21 @@ describe 'Requesting Actions routes', :type => :request  do
       end
 
       describe 'when record is out of scope' do
-        let(:scope_filters) { JSON.generate({ field: 'name', operator: 'equal', value: 'Ré' }) }
+        let(:scope_filters) {
+          {
+            'scopes' =>
+              {
+                'Island' => {
+                  'aggregator' => 'and',
+                  'conditions' => [{'field' => 'name', 'operator' => 'equal', 'value' => 'Ré'}]
+                }
+              },
+            'team' => {
+              'id' => 43,
+              'name' => 'Operations'
+            }
+          }
+        }
 
         it 'should respond 400 and NOT perform the action' do
           post '/forest/actions/test', params: JSON.dump(params), headers: headers

data/spec/requests/count_spec.rb

@@ -15,7 +15,7 @@ describe 'Requesting Owner', :type => :request  do
 
     allow_any_instance_of(ForestLiana::Ability).to receive(:forest_authorize!) { true }
 
-    allow(ForestLiana::ScopeManager).to receive(:fetch_scopes).and_return({})
+    allow(ForestLiana::ScopeManager).to receive(:fetch_scopes).and_return({'scopes' => {}, 'team' => {'id' => '1', 'name' => 'Operations'}})
   end
 
   token = JWT.encode({

data/spec/requests/resources_spec.rb

@@ -1,10 +1,10 @@
 require 'rails_helper'
 
 describe 'Requesting Tree resources', :type => :request  do
-
+  let(:scope_filters) { {'scopes' => {}, 'team' => {'id' => '1', 'name' => 'Operations'}} }
   before do
     user = User.create(name: 'Michel')
-    tree = Tree.create(name: 'Lemon Tree', owner: user, cutter: user)
+    Tree.create(name: 'Lemon Tree', owner: user, cutter: user)
 
     Rails.cache.write('forest.users', {'1' => { 'id' => 1, 'roleId' => 1, 'rendering_id' => '1' }})
     Rails.cache.write('forest.has_permission', true)
@@ -26,8 +26,7 @@ describe 'Requesting Tree resources', :type => :request  do
     allow(ForestLiana::IpWhitelist).to receive(:retrieve) { true }
     allow(ForestLiana::IpWhitelist).to receive(:is_ip_whitelist_retrieved) { true }
     allow(ForestLiana::IpWhitelist).to receive(:is_ip_valid) { true }
-    # allow_any_instance_of(ForestLiana::Ability).to receive(:forest_authorize!) { true }
-    allow(ForestLiana::ScopeManager).to receive(:fetch_scopes).and_return({})
+    allow(ForestLiana::ScopeManager).to receive(:fetch_scopes).and_return(scope_filters)
   end
 
   after do
@@ -156,10 +155,10 @@ describe 'Requesting Tree resources', :type => :request  do
 end
 
 describe 'Requesting Address resources', :type => :request  do
-
+  let(:scope_filters) { {'scopes' => {}, 'team' => {'id' => '1', 'name' => 'Operations'}} }
   before do
     user = User.create(name: 'Michel')
-    address = Address.create(line1: '10 Downing Street', city: 'London', zipcode: '2AB', addressable: user)
+    Address.create(line1: '10 Downing Street', city: 'London', zipcode: '2AB', addressable: user)
 
     Rails.cache.write('forest.users', {'1' => { 'id' => 1, 'roleId' => 1, 'rendering_id' => '1' }})
     Rails.cache.write('forest.has_permission', true)
@@ -181,7 +180,7 @@ describe 'Requesting Address resources', :type => :request  do
     allow(ForestLiana::IpWhitelist).to receive(:retrieve) { true }
     allow(ForestLiana::IpWhitelist).to receive(:is_ip_whitelist_retrieved) { true }
     allow(ForestLiana::IpWhitelist).to receive(:is_ip_valid) { true }
-    allow(ForestLiana::ScopeManager).to receive(:fetch_scopes).and_return({})
+    allow(ForestLiana::ScopeManager).to receive(:fetch_scopes).and_return(scope_filters)
   end
 
   after do

data/spec/requests/stats_spec.rb

@@ -2,34 +2,39 @@ require 'rails_helper'
 require 'json'
 
 describe "Stats", type: :request do
-
-  token = JWT.encode({
-    id: 1,
-    email: 'michael.kelso@that70.show',
-    first_name: 'Michael',
-    last_name: 'Kelso',
-    team: 'Operations',
-    rendering_id: '1',
-    exp: Time.now.to_i + 2.weeks.to_i,
-    permission_level: 'admin'
-  }, ForestLiana.auth_secret, 'HS256')
-
-  headers = {
-    'Accept' => 'application/json',
-    'Content-Type' => 'application/json',
-    'Authorization' => "Bearer #{token}"
-  }
-
+  let(:rendering_id) { 13 }
+  let(:scopes) { {'scopes' => {}, 'team' => {'id' => '1', 'name' => 'Operations'}} }
   let(:schema) {
     [
       ForestLiana::Model::Collection.new({
-        name: 'Product',
-        fields: [],
-        actions: []
-      })
+                                           name: 'Product',
+                                           fields: [],
+                                           actions: []
+                                         })
     ]
   }
 
+  let(:token) {
+      JWT.encode({
+      id: 1,
+      email: 'michael.kelso@that70.show',
+      first_name: 'Michael',
+      last_name: 'Kelso',
+      team: 'Operations',
+      rendering_id: rendering_id,
+      exp: Time.now.to_i + 2.weeks.to_i,
+      permission_level: 'admin'
+    }, ForestLiana.auth_secret, 'HS256')
+  }
+
+  let(:headers) {
+    {
+      'Accept' => 'application/json',
+      'Content-Type' => 'application/json',
+      'Authorization' => "Bearer #{token}"
+    }
+  }
+
   before do
     Rails.cache.write('forest.users', {'1' => { 'id' => 1, 'roleId' => 1, 'rendering_id' => '1' }})
     Rails.cache.write('forest.has_permission', true)
@@ -53,12 +58,8 @@ describe "Stats", type: :request do
           }
         )
 
-    ForestLiana::ScopeManager.class_variable_set(:@@scopes_cache, {
-      '1' => {
-        :fetched_at => Time.now,
-        :scopes => {}
-      }
-    })
+    ForestLiana::ScopeManager.invalidate_scope_cache(rendering_id)
+    allow(ForestLiana::ScopeManager).to receive(:fetch_scopes).and_return(scopes)
 
     allow(ForestLiana).to receive(:apimap).and_return(schema)
     allow(ForestLiana::IpWhitelist).to receive(:retrieve) { true }