forest_liana 6.0.0.pre.beta.4 → 6.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3d299c9968621d0592da4e25c67969073237e6cf0eac69d0d898e6db6027ad14
-  data.tar.gz: bbb59dfd951086e62df9829124fcf57ef0b71d40550597abeaff3de07450c946
+  metadata.gz: 407abbfa6e112f59b3e951e0b29d9660fa3845606cbaff9db24238e09bde8f08
+  data.tar.gz: 1778138ca8558ea3c66c5acc86171493af707948eacc61b400ebcec31966b6ee
 SHA512:
-  metadata.gz: 9b3dc3c43d682e085dd95066648471f779bd03da28b935eb645532e04da42ab75651d679291d03118355cba35379655878fa9a3a36a2fb945fbdb1ac35099748
-  data.tar.gz: 2bd81a3eb3aa40c9129b1afd5fc86004eb10bbe6115f422537f82ffbeec0d94be77c542f68ed5494688464f1857bee5b691187a95d86a45357ca6d3e07b7c400
+  metadata.gz: 6b71a26a73298e82533e6a25282e0964214360d8c4c6b7774919b4421c778eef9ab28d31a260d85a83706367a3fd85b6be4169b84f28cc3e8a45b88c79d78cbc
+  data.tar.gz: efcde59108053f294bb2128205d347af6261f42bcaec0df8c4336631cbb3f7af34fa8940556863421f79c57b0c1ee88336c0586f4f06360ecc42d59310954ac0

data/app/controllers/forest_liana/actions_controller.rb

@@ -55,10 +55,20 @@ module ForestLiana
       # Apply result on fields (transform the object back to an array), preserve order.
       fields = action.fields.map do |field|
         updated_field = result[field[:field]]
+
         # Reset `value` when not present in `enums` (which means `enums` has changed).
-        if updated_field[:enums].is_a?(Array) && !updated_field[:enums].include?(updated_field[:value])
-          updated_field[:value] = nil
+        if updated_field[:enums].is_a?(Array)
+          # `value` can be an array if the type of fields is `[x]`
+          if updated_field[:type].is_a?(Array) && updated_field[:value].is_a?(Array) && !(updated_field[:value] - updated_field[:enums]).empty?
+            updated_field[:value] = nil
+          end
+
+          # `value` can be any other value
+          if !updated_field[:type].is_a?(Array) && !updated_field[:enums].include?(updated_field[:value])
+            updated_field[:value] = nil
+          end
         end
+
         updated_field
       end
 

data/app/controllers/forest_liana/authentication_controller.rb

@@ -86,8 +86,8 @@ module ForestLiana
         render json: response_body, status: 200
 
       rescue => error
-        render json: { errors: [{ status: 500, detail: error.message }] },
-          status: :internal_server_error, serializer: nil
+        render json: { errors: [{ status: error.error_code || 500, detail: error.message }] },
+          status: error.status || :internal_server_error, serializer: nil
       end
     end
 

data/app/serializers/forest_liana/stripe_invoice_serializer.rb

@@ -3,20 +3,20 @@ module ForestLiana
     include JSONAPI::Serializer
 
     attribute :amount_due
+    attribute :amount_paid
+    attribute :amount_remaining
+    attribute :application_fee_amount
     attribute :attempt_count
     attribute :attempted
-    attribute :closed
     attribute :currency
-    attribute :date
-    attribute :forgiven
+    attribute :due_date
     attribute :paid
     attribute :period_end
     attribute :period_start
+    attribute :status
     attribute :subtotal
     attribute :total
-    attribute :application_fee
     attribute :tax
-    attribute :tax_percent
 
     has_one :customer
 

data/app/services/forest_liana/authentication.rb

@@ -26,9 +26,7 @@ module ForestLiana
 
       user = ForestLiana::AuthorizationGetter.authenticate(
         rendering_id,
-        true,
         { :forest_token => access_token_instance.instance_variable_get(:@access_token) },
-        nil,
       )
 
       return ForestLiana::Token.create_token(user, rendering_id)

data/app/services/forest_liana/authorization_getter.rb

@@ -1,23 +1,12 @@
 module ForestLiana
   class AuthorizationGetter
-    def self.authenticate(rendering_id, use_google_authentication, auth_data, two_factor_registration)
+    def self.authenticate(rendering_id, auth_data)
       begin
         route = "/liana/v2/renderings/#{rendering_id.to_s}/authorization"
-
-        if !use_google_authentication.nil?
-          headers = { 'forest-token' => auth_data[:forest_token] }
-        elsif !auth_data[:email].nil?
-          headers = { 'email' => auth_data[:email], 'password' => auth_data[:password] }
-        end
-
-        query_parameters = {}
-
-        unless two_factor_registration.nil?
-          query_parameters['two-factor-registration'] = true
-        end
+        headers = { 'forest-token' => auth_data[:forest_token] }
 
         response = ForestLiana::ForestApiRequester
-          .get(route, query: query_parameters, headers: headers)
+          .get(route, query: {}, headers: headers)
 
         if response.code.to_i == 200
           body = JSON.parse(response.body, :symbolize_names => false)
@@ -25,15 +14,28 @@ module ForestLiana
           user['id'] = body['data']['id']
           user
         else
-          unless use_google_authentication.nil?
-            raise "Cannot authorize the user using this google account. Forest API returned an #{Errors::HTTPErrorHelper.format(response)}"
-          else
-            raise "Cannot authorize the user using this email/password. Forest API returned an #{Errors::HTTPErrorHelper.format(response)}"
-          end
+          raise generate_authentication_error response
         end
-      rescue
-        raise ForestLiana::Errors::HTTP401Error
       end
     end
+
+    private
+    def self.generate_authentication_error(error)
+      case error[:message]
+      when ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_AND_RENDERINGID_INCONSISTENT]
+        return ForestLiana::Errors::InconsistentSecretAndRenderingError.new()
+      when ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_NOT_FOUND]
+        return ForestLiana::Errors::SecretNotFoundError.new()
+      else
+      end
+
+      serverError = error[:jse_cause][:response][:body][:errors][0] || nil
+
+      if !serverError.nil? && serverError[:name] == ForestLiana::MESSAGES[:SERVER_TRANSACTION][:names][:TWO_FACTOR_AUTHENTICATION_REQUIRED]
+        return ForestLiana::Errors::TwoFactorAuthenticationRequiredError.new()
+      end
+
+      return StandardError.new(error)
+    end
   end
 end

data/app/services/forest_liana/resource_creator.rb

@@ -53,7 +53,7 @@ module ForestLiana
     end
 
     def has_strong_parameter
-      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update_attributes!).arity == 1
+      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update!).arity == 1
     end
   end
 end

data/app/services/forest_liana/resource_updater.rb

@@ -14,9 +14,9 @@ module ForestLiana
         @record = @resource.find(@params[:id])
 
         if has_strong_parameter
-          @record.update_attributes(resource_params)
+          @record.update(resource_params)
         else
-          @record.update_attributes(resource_params, without_protection: true)
+          @record.update(resource_params, without_protection: true)
         end
       rescue ActiveRecord::StatementInvalid => exception
         # NOTICE: SQL request cannot be executed properly
@@ -33,7 +33,7 @@ module ForestLiana
     end
 
     def has_strong_parameter
-      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update_attributes!).arity == 1
+      Rails::VERSION::MAJOR > 5 || @resource.instance_method(:update!).arity == 1
     end
   end
 end

data/app/services/forest_liana/schema_utils.rb

@@ -2,9 +2,14 @@ module ForestLiana
   class SchemaUtils
 
     def self.associations(active_record_class)
-      active_record_class
-        .reflect_on_all_associations
-        .select { |association| !polymorphic?(association) && !is_active_type?(association.klass) }
+      active_record_class.reflect_on_all_associations.select do |association|
+        begin
+          !polymorphic?(association) && !is_active_type?(association.klass)
+        rescue
+          FOREST_LOGGER.warn "Unknown association #{association.name} on class #{active_record_class.name}"
+          false
+        end
+      end
     end
 
     def self.one_associations(active_record_class)

data/app/services/forest_liana/stripe_invoice_getter.rb

@@ -11,7 +11,7 @@ module ForestLiana
       query = {}
       @record = ::Stripe::Invoice.retrieve(@params[:invoice_id])
 
-      @record.date = Time.at(@record.date).to_datetime
+      @record.due_date = Time.at(@record.due_date).to_datetime unless @record.due_date.nil?
       @record.period_start = Time.at(@record.period_start).to_datetime
       @record.period_end = Time.at(@record.period_end).to_datetime
       @record.subtotal /= 100.00

data/app/services/forest_liana/stripe_invoices_getter.rb

@@ -32,7 +32,7 @@ module ForestLiana
         end
 
         @records = @invoices.data.map do |d|
-          d.date = Time.at(d.date).to_datetime
+          d.date = Time.at(d.created).to_datetime
           d.period_start = Time.at(d.period_start).to_datetime
           d.period_end = Time.at(d.period_end).to_datetime
           d.subtotal /= 100.00

data/app/services/forest_liana/stripe_source_getter.rb

@@ -12,7 +12,7 @@ module ForestLiana
       customer = resource[field]
 
       @record = ::Stripe::Customer
-        .retrieve(customer)
+        .retrieve({ id: customer, expand: ['sources'] })
         .sources.retrieve(@params[:objectId])
 
       query = {}

data/app/services/forest_liana/stripe_sources_getter.rb

@@ -32,7 +32,7 @@ module ForestLiana
 
     def fetch_bank_accounts(customer, params)
       begin
-        @cards = ::Stripe::Customer.retrieve(customer).sources.list(params)
+        @cards = ::Stripe::Customer.retrieve({ id: customer, expand: ['sources'] }).sources.list(params)
         if @cards.blank?
           @records = []
           return

data/config/initializers/error-messages.rb

@@ -15,6 +15,9 @@ module ForestLiana
       INVALID_RENDERING_ID: "The parameter renderingId is not valid",
       REGISTRATION_FAILED: "The registration to the authentication API failed, response: ",
       OIDC_CONFIGURATION_RETRIEVAL_FAILED: "Failed to retrieve the provider's configuration.",
+      names: {
+        TWO_FACTOR_AUTHENTICATION_REQUIRED: 'TwoFactorAuthenticationRequiredForbiddenError',
+      }
     }
   }
 end

data/config/initializers/errors.rb

@@ -14,12 +14,13 @@ module ForestLiana
     end
 
     class ExpectedError < StandardError
-      attr_reader :error_code, :status, :message
+      attr_reader :error_code, :status, :message, :name
 
-      def initialize(error_code, status, message)
+      def initialize(error_code, status, message, name = nil)
         @error_code = error_code
         @status = status
         @message = message
+        @name = name
       end
 
       def display_error
@@ -45,6 +46,24 @@ module ForestLiana
       end
     end
 
+    class InconsistentSecretAndRenderingError < ExpectedError
+      def initialize(message=ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_AND_RENDERINGID_INCONSISTENT])
+        super(500, :internal_server_error, message, 'InconsistentSecretAndRenderingError')
+      end
+    end
+
+    class SecretNotFoundError < ExpectedError
+      def initialize(message=ForestLiana::MESSAGES[:SERVER_TRANSACTION][:SECRET_NOT_FOUND])
+        super(500, :internal_server_error, message, 'SecretNotFoundError')
+      end
+    end
+
+    class TwoFactorAuthenticationRequiredError < ExpectedError
+      def initialize(message='Two factor authentication required')
+        super(403, :forbidden, message, 'TwoFactorAuthenticationRequiredError')
+      end
+    end
+
     class ExceptionHelper
       def self.recursively_print(error, margin: '', is_error: false)
         logger = is_error ?

data/config/routes.rb

@@ -9,10 +9,6 @@ ForestLiana::Engine.routes.draw do
   get 'authentication/callback' => 'authentication#authentication_callback'
   post 'authentication/logout' => 'authentication#logout'
 
-  # Session
-  post 'sessions' => 'sessions#create_with_password'
-  post 'sessions-google' => 'sessions#create_with_google'
-
   # Associations
   get ':collection/:id/relationships/:association_name' => 'associations#index'
   get ':collection/:id/relationships/:association_name/count' => 'associations#count'

data/lib/forest_liana/bootstrapper.rb

@@ -430,19 +430,19 @@ module ForestLiana
         fields: [
           { field: :id, type: 'String', is_filterable: false },
           { field: :amount_due, type: 'Number', is_filterable: false },
+          { field: :amount_paid, type: 'Number', is_filterable: false },
+          { field: :amount_remaining, type: 'Number', is_filterable: false },
+          { field: :application_fee_amount, type: 'Number', is_filterable: false },
           { field: :attempt_count, type: 'Number', is_filterable: false },
           { field: :attempted, type: 'Boolean', is_filterable: false },
-          { field: :closed, type: 'Boolean', is_filterable: false },
           { field: :currency, type: 'String', is_filterable: false },
-          { field: :date, type: 'Date', is_filterable: false },
-          { field: :forgiven, type: 'Boolean', is_filterable: false },
+          { field: :due_date, type: 'Date', is_filterable: false },
           { field: :period_start, type: 'Date', is_filterable: false },
           { field: :period_end, type: 'Date', is_filterable: false },
+          { field: :status, type: 'String', enums: ['draft', 'open', 'paid', 'uncollectible', 'void'], is_filterable: false },
           { field: :subtotal, type: 'Number', is_filterable: false },
           { field: :total, type: 'Number', is_filterable: false },
-          { field: :application_fee, type: 'Number', is_filterable: false },
           { field: :tax, type: 'Number', is_filterable: false },
-          { field: :tax_percent, type: 'Number', is_filterable: false },
           {
             field: :customer,
             type: 'String',

data/lib/forest_liana/version.rb

@@ -1,3 +1,3 @@
 module ForestLiana
-  VERSION = "6.0.0-beta.4"
+  VERSION = "6.0.0"
 end

data/spec/requests/actions_controller_spec.rb

@@ -35,6 +35,11 @@ describe 'Requesting Actions routes', :type => :request  do
         type: 'Enum',
         enums: %w[a b c],
     }
+    multiple_enum = {
+        field: 'multipleEnum',
+        type: ['Enum'],
+        enums: %w[a b c],
+    }
 
     action_definition = {
         name: 'my_action',
@@ -95,12 +100,28 @@ describe 'Requesting Actions routes', :type => :request  do
         }
       }
     }
+
+    multiple_enums_action_definition = {
+        name: 'multiple_enums_action',
+        fields: [foo, multiple_enum],
+        hooks: {
+            :change => {
+                'foo' => -> (context) {
+                  fields = context[:fields]
+                  fields['multipleEnum'][:enums] = %w[c d z]
+                  return fields
+                }
+            }
+        }
+    }
+
     action = ForestLiana::Model::Action.new(action_definition)
     fail_action = ForestLiana::Model::Action.new(fail_action_definition)
     cheat_action = ForestLiana::Model::Action.new(cheat_action_definition)
     enums_action = ForestLiana::Model::Action.new(enums_action_definition)
+    multiple_enums_action = ForestLiana::Model::Action.new(multiple_enums_action_definition)
     island = ForestLiana.apimap.find {|collection| collection.name.to_s == ForestLiana.name_for(Island)}
-    island.actions = [action, fail_action, cheat_action, enums_action]
+    island.actions = [action, fail_action, cheat_action, enums_action, multiple_enums_action]
 
     describe 'call /load' do
       params = {recordIds: [1], collectionName: 'Island'}
@@ -169,6 +190,33 @@ describe 'Requesting Actions routes', :type => :request  do
         expect(JSON.parse(response.body)).to eq({'fields' => [expected_foo.stringify_keys, expected_enum.stringify_keys]})
       end
 
+      it 'should not reset value when every enum values are in the enums definition' do
+        updated_multiple_enum = multiple_enum.clone.merge({:previousValue => nil, :value => %w[c]})
+        p = {recordIds: [1], fields: [foo, updated_multiple_enum], collectionName: 'Island', changedField: 'foo'}
+        post '/forest/actions/multiple_enums_action/hooks/change', params: JSON.dump(p), headers: { 'CONTENT_TYPE' => 'application/json' }
+        expect(response.status).to eq(200)
+
+        expected_multiple_enum = updated_multiple_enum.clone.merge({ :enums => %w[c d z], :widgetEdit => nil, :value => %w[c]})
+        expected_multiple_enum.delete(:widget)
+        expected_foo = foo.clone.merge({ :widgetEdit => nil})
+        expected_foo.delete(:widget)
+
+        expect(JSON.parse(response.body)).to eq({'fields' => [expected_foo.stringify_keys, expected_multiple_enum.stringify_keys]})
+      end
+
+      it 'should reset value when one of the enum values is not in the enums definition' do
+        wrongly_updated_multiple_enum = multiple_enum.clone.merge({:previousValue => nil, :value => %w[a b]})
+        p = {recordIds: [1], fields: [foo, wrongly_updated_multiple_enum], collectionName: 'Island', changedField: 'foo'}
+        post '/forest/actions/multiple_enums_action/hooks/change', params: JSON.dump(p), headers: { 'CONTENT_TYPE' => 'application/json' }
+        expect(response.status).to eq(200)
+
+        expected_multiple_enum = wrongly_updated_multiple_enum.clone.merge({ :enums => %w[c d z], :widgetEdit => nil, :value => nil })
+        expected_multiple_enum.delete(:widget)
+        expected_foo = foo.clone.merge({ :widgetEdit => nil})
+        expected_foo.delete(:widget)
+
+        expect(JSON.parse(response.body)).to eq({'fields' => [expected_foo.stringify_keys, expected_multiple_enum.stringify_keys]})
+      end
     end
   end
 end

data/test/routing/route_test.rb

@@ -12,18 +12,6 @@ module ForestLiana
         controller: 'forest_liana/apimaps', action: 'index'
       })
 
-      # Session
-      assert_routing({
-        method: 'post', path: 'sessions'
-      }, {
-        controller: 'forest_liana/sessions', action: 'create_with_password'
-      })
-      assert_routing({
-        method: 'post', path: 'sessions-google'
-      }, {
-        controller: 'forest_liana/sessions', action: 'create_with_google'
-      })
-
       # Associations
       assert_routing({
         method: 'get', path: ':collection/:id/relationships/:association_name'

data/test/services/forest_liana/resources_getter_test.rb

@@ -106,7 +106,7 @@ module ForestLiana
           conditions: [{
             field: 'created_at',
             operator: 'after',
-            value: '2015-06-18 08:00:00',
+            value: "#{Time.now.year - 5}-06-18 08:00:00",
           }, {
             field: 'owner:name',
             operator: 'equal',
@@ -119,8 +119,8 @@ module ForestLiana
       records = getter.records
       count = getter.count
 
-      assert records.count == 2
-      assert count = 2
+      assert records.count == 1
+      assert count = 1
       assert records.first.id == 4
       assert records.first.name == 'Oak'
       assert records.first.owner.name == 'Arnaud Besnier'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: forest_liana
 version: !ruby/object:Gem::Version
-  version: 6.0.0.pre.beta.4
+  version: 6.0.0
 platform: ruby
 authors:
 - Sandro Munda
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-01-15 00:00:00.000000000 Z
+date: 2021-02-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -122,34 +122,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: rotp
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: base32
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: httparty
   requirement: !ruby/object:Gem::Requirement
@@ -246,7 +218,6 @@ files:
 - app/controllers/forest_liana/mixpanel_controller.rb
 - app/controllers/forest_liana/resources_controller.rb
 - app/controllers/forest_liana/router.rb
-- app/controllers/forest_liana/sessions_controller.rb
 - app/controllers/forest_liana/smart_actions_controller.rb
 - app/controllers/forest_liana/stats_controller.rb
 - app/controllers/forest_liana/stripe_controller.rb
@@ -267,7 +238,6 @@ files:
 - app/serializers/forest_liana/mixpanel_event_serializer.rb
 - app/serializers/forest_liana/schema_serializer.rb
 - app/serializers/forest_liana/serializer_factory.rb
-- app/serializers/forest_liana/session_serializer.rb
 - app/serializers/forest_liana/stat_serializer.rb
 - app/serializers/forest_liana/stripe_bank_account_serializer.rb
 - app/serializers/forest_liana/stripe_card_serializer.rb
@@ -294,7 +264,6 @@ files:
 - app/services/forest_liana/leaderboard_stat_getter.rb
 - app/services/forest_liana/line_stat_getter.rb
 - app/services/forest_liana/live_query_checker.rb
-- app/services/forest_liana/login_handler.rb
 - app/services/forest_liana/mixpanel_last_events_getter.rb
 - app/services/forest_liana/objective_stat_getter.rb
 - app/services/forest_liana/oidc_client_manager.rb
@@ -326,8 +295,6 @@ files:
 - app/services/forest_liana/stripe_subscription_getter.rb
 - app/services/forest_liana/stripe_subscriptions_getter.rb
 - app/services/forest_liana/token.rb
-- app/services/forest_liana/two_factor_registration_confirmer.rb
-- app/services/forest_liana/user_secret_creator.rb
 - app/services/forest_liana/utils/beta_schema_utils.rb
 - app/services/forest_liana/value_stat_getter.rb
 - app/views/layouts/forest_liana/application.html.erb
@@ -397,7 +364,6 @@ files:
 - spec/requests/actions_controller_spec.rb
 - spec/requests/authentications_spec.rb
 - spec/requests/resources_spec.rb
-- spec/requests/sessions_spec.rb
 - spec/services/forest_liana/apimap_sorter_spec.rb
 - spec/services/forest_liana/filters_parser_spec.rb
 - spec/services/forest_liana/ip_whitelist_checker_spec.rb
@@ -514,162 +480,161 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Official Rails Liana for Forest
 test_files:
-- test/fixtures/owner.yml
-- test/fixtures/belongs_to_field.yml
-- test/fixtures/has_many_through_field.yml
-- test/fixtures/tree.yml
-- test/fixtures/has_one_field.yml
-- test/fixtures/reference.yml
-- test/fixtures/serialize_field.yml
-- test/fixtures/has_many_field.yml
-- test/fixtures/string_field.yml
-- test/services/forest_liana/resources_getter_test.rb
-- test/services/forest_liana/scope_validator_test.rb
-- test/services/forest_liana/schema_adapter_test.rb
-- test/services/forest_liana/has_many_getter_test.rb
-- test/services/forest_liana/value_stat_getter_test.rb
-- test/services/forest_liana/resource_updater_test.rb
-- test/services/forest_liana/pie_stat_getter_test.rb
-- test/test_helper.rb
-- test/dummy/README.rdoc
+- test/dummy/app/assets/stylesheets/application.css
+- test/dummy/app/assets/config/manifest.js
+- test/dummy/app/assets/javascripts/application.js
 - test/dummy/app/views/layouts/application.html.erb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/models/reference.rb
+- test/dummy/app/models/float_field.rb
 - test/dummy/app/models/has_many_field.rb
+- test/dummy/app/models/polymorphic_field.rb
+- test/dummy/app/models/decimal_field.rb
 - test/dummy/app/models/string_field.rb
-- test/dummy/app/models/has_and_belongs_to_many_field.rb
+- test/dummy/app/models/serialize_field.rb
+- test/dummy/app/models/tree.rb
+- test/dummy/app/models/boolean_field.rb
+- test/dummy/app/models/date_field.rb
 - test/dummy/app/models/has_many_through_field.rb
-- test/dummy/app/models/has_many_class_name_field.rb
+- test/dummy/app/models/owner.rb
 - test/dummy/app/models/has_one_field.rb
-- test/dummy/app/models/date_field.rb
-- test/dummy/app/models/boolean_field.rb
-- test/dummy/app/models/float_field.rb
-- test/dummy/app/models/reference.rb
+- test/dummy/app/models/has_many_class_name_field.rb
 - test/dummy/app/models/belongs_to_class_name_field.rb
-- test/dummy/app/models/polymorphic_field.rb
-- test/dummy/app/models/tree.rb
-- test/dummy/app/models/decimal_field.rb
-- test/dummy/app/models/serialize_field.rb
 - test/dummy/app/models/integer_field.rb
 - test/dummy/app/models/belongs_to_field.rb
-- test/dummy/app/models/owner.rb
-- test/dummy/app/helpers/application_helper.rb
-- test/dummy/app/assets/javascripts/application.js
-- test/dummy/app/assets/stylesheets/application.css
-- test/dummy/app/assets/config/manifest.js
-- test/dummy/app/controllers/application_controller.rb
-- test/dummy/Rakefile
-- test/dummy/bin/rake
-- test/dummy/bin/bundle
-- test/dummy/bin/rails
-- test/dummy/bin/setup
-- test/dummy/public/404.html
-- test/dummy/public/500.html
-- test/dummy/public/422.html
-- test/dummy/public/favicon.ico
-- test/dummy/config.ru
-- test/dummy/db/migrate/20181111162121_create_references_table.rb
-- test/dummy/db/migrate/20150608131430_create_integer_field.rb
-- test/dummy/db/migrate/20160628173505_add_timestamps.rb
-- test/dummy/db/migrate/20160627172810_create_owner.rb
-- test/dummy/db/migrate/20150814081918_create_has_many_through_field.rb
+- test/dummy/app/models/has_and_belongs_to_many_field.rb
+- test/dummy/db/migrate/20160627172951_create_tree.rb
 - test/dummy/db/migrate/20150608132159_create_boolean_field.rb
-- test/dummy/db/migrate/20150608131603_create_decimal_field.rb
-- test/dummy/db/migrate/20150616150629_create_polymorphic_field.rb
 - test/dummy/db/migrate/20150612112520_create_has_and_belongs_to_many_field.rb
-- test/dummy/db/migrate/20150608131610_create_float_field.rb
-- test/dummy/db/migrate/20150608133038_create_belongs_to_field.rb
-- test/dummy/db/migrate/20150608150016_create_has_many_field.rb
+- test/dummy/db/migrate/20160627172810_create_owner.rb
 - test/dummy/db/migrate/20150609114636_create_belongs_to_class_name_field.rb
+- test/dummy/db/migrate/20150608130516_create_date_field.rb
+- test/dummy/db/migrate/20160628173505_add_timestamps.rb
+- test/dummy/db/migrate/20150608131610_create_float_field.rb
 - test/dummy/db/migrate/20170614141921_create_serialize_field.rb
+- test/dummy/db/migrate/20150608150016_create_has_many_field.rb
+- test/dummy/db/migrate/20150608131430_create_integer_field.rb
+- test/dummy/db/migrate/20150608133038_create_belongs_to_field.rb
+- test/dummy/db/migrate/20150616150629_create_polymorphic_field.rb
 - test/dummy/db/migrate/20150608132621_create_string_field.rb
-- test/dummy/db/migrate/20150608133044_create_has_one_field.rb
+- test/dummy/db/migrate/20181111162121_create_references_table.rb
 - test/dummy/db/migrate/20150623115554_create_has_many_class_name_field.rb
-- test/dummy/db/migrate/20150608130516_create_date_field.rb
-- test/dummy/db/migrate/20160627172951_create_tree.rb
+- test/dummy/db/migrate/20150608133044_create_has_one_field.rb
+- test/dummy/db/migrate/20150814081918_create_has_many_through_field.rb
+- test/dummy/db/migrate/20150608131603_create_decimal_field.rb
 - test/dummy/db/schema.rb
-- test/dummy/config/routes.rb
-- test/dummy/config/environment.rb
+- test/dummy/config.ru
+- test/dummy/README.rdoc
 - test/dummy/config/secrets.yml
-- test/dummy/config/application.rb
-- test/dummy/config/boot.rb
-- test/dummy/config/environments/test.rb
-- test/dummy/config/environments/development.rb
-- test/dummy/config/environments/production.rb
 - test/dummy/config/locales/en.yml
+- test/dummy/config/routes.rb
+- test/dummy/config/database.yml
 - test/dummy/config/initializers/wrap_parameters.rb
-- test/dummy/config/initializers/mime_types.rb
-- test/dummy/config/initializers/filter_parameter_logging.rb
 - test/dummy/config/initializers/assets.rb
+- test/dummy/config/initializers/filter_parameter_logging.rb
 - test/dummy/config/initializers/session_store.rb
+- test/dummy/config/initializers/backtrace_silencers.rb
 - test/dummy/config/initializers/inflections.rb
 - test/dummy/config/initializers/cookies_serializer.rb
-- test/dummy/config/initializers/backtrace_silencers.rb
-- test/dummy/config/database.yml
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/application.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/environment.rb
+- test/dummy/config/boot.rb
+- test/dummy/public/500.html
+- test/dummy/public/favicon.ico
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/Rakefile
+- test/dummy/bin/rake
+- test/dummy/bin/setup
+- test/dummy/bin/rails
+- test/dummy/bin/bundle
 - test/forest_liana_test.rb
+- test/services/forest_liana/schema_adapter_test.rb
+- test/services/forest_liana/pie_stat_getter_test.rb
+- test/services/forest_liana/value_stat_getter_test.rb
+- test/services/forest_liana/has_many_getter_test.rb
+- test/services/forest_liana/resource_updater_test.rb
+- test/services/forest_liana/scope_validator_test.rb
+- test/services/forest_liana/resources_getter_test.rb
+- test/test_helper.rb
 - test/routing/route_test.rb
-- spec/services/forest_liana/permissions_formatter_spec.rb
-- spec/services/forest_liana/permissions_checker_acl_disabled_spec.rb
-- spec/services/forest_liana/ip_whitelist_checker_spec.rb
-- spec/services/forest_liana/permissions_checker_acl_enabled_spec.rb
-- spec/services/forest_liana/schema_adapter_spec.rb
-- spec/services/forest_liana/apimap_sorter_spec.rb
-- spec/services/forest_liana/filters_parser_spec.rb
-- spec/services/forest_liana/permissions_getter_spec.rb
-- spec/spec_helper.rb
-- spec/requests/actions_controller_spec.rb
-- spec/requests/sessions_spec.rb
-- spec/requests/authentications_spec.rb
-- spec/requests/resources_spec.rb
-- spec/dummy/README.rdoc
-- spec/dummy/app/views/layouts/application.html.erb
-- spec/dummy/app/models/island.rb
-- spec/dummy/app/models/user.rb
-- spec/dummy/app/models/tree.rb
-- spec/dummy/app/helpers/application_helper.rb
-- spec/dummy/app/assets/javascripts/application.js
+- test/fixtures/reference.yml
+- test/fixtures/has_many_through_field.yml
+- test/fixtures/has_many_field.yml
+- test/fixtures/tree.yml
+- test/fixtures/belongs_to_field.yml
+- test/fixtures/owner.yml
+- test/fixtures/serialize_field.yml
+- test/fixtures/string_field.yml
+- test/fixtures/has_one_field.yml
+- spec/rails_helper.rb
 - spec/dummy/app/assets/stylesheets/application.css
 - spec/dummy/app/assets/config/manifest.js
+- spec/dummy/app/assets/javascripts/application.js
+- spec/dummy/app/views/layouts/application.html.erb
 - spec/dummy/app/config/routes.rb
 - spec/dummy/app/controllers/application_controller.rb
-- spec/dummy/Rakefile
-- spec/dummy/bin/rake
-- spec/dummy/bin/bundle
-- spec/dummy/bin/rails
-- spec/dummy/bin/setup
-- spec/dummy/config.ru
-- spec/dummy/db/migrate/20190226174951_create_tree.rb
-- spec/dummy/db/migrate/20190716135241_add_type_to_user.rb
+- spec/dummy/app/helpers/application_helper.rb
+- spec/dummy/app/models/user.rb
+- spec/dummy/app/models/island.rb
+- spec/dummy/app/models/tree.rb
 - spec/dummy/db/migrate/20190226173051_create_isle.rb
 - spec/dummy/db/migrate/20190716130830_add_age_to_tree.rb
+- spec/dummy/db/migrate/20190226174951_create_tree.rb
+- spec/dummy/db/migrate/20190716135241_add_type_to_user.rb
 - spec/dummy/db/migrate/20190226172951_create_user.rb
 - spec/dummy/db/schema.rb
-- spec/dummy/config/routes.rb
-- spec/dummy/config/environment.rb
+- spec/dummy/config.ru
+- spec/dummy/README.rdoc
 - spec/dummy/config/secrets.yml
-- spec/dummy/config/application.rb
-- spec/dummy/config/boot.rb
-- spec/dummy/config/environments/test.rb
-- spec/dummy/config/environments/development.rb
-- spec/dummy/config/environments/production.rb
+- spec/dummy/config/routes.rb
+- spec/dummy/config/database.yml
 - spec/dummy/config/initializers/wrap_parameters.rb
+- spec/dummy/config/initializers/assets.rb
 - spec/dummy/config/initializers/forest_liana.rb
-- spec/dummy/config/initializers/mime_types.rb
 - spec/dummy/config/initializers/filter_parameter_logging.rb
-- spec/dummy/config/initializers/assets.rb
 - spec/dummy/config/initializers/session_store.rb
+- spec/dummy/config/initializers/backtrace_silencers.rb
 - spec/dummy/config/initializers/inflections.rb
 - spec/dummy/config/initializers/cookies_serializer.rb
-- spec/dummy/config/initializers/backtrace_silencers.rb
-- spec/dummy/config/database.yml
+- spec/dummy/config/initializers/mime_types.rb
+- spec/dummy/config/application.rb
+- spec/dummy/config/environments/development.rb
+- spec/dummy/config/environments/production.rb
+- spec/dummy/config/environments/test.rb
+- spec/dummy/config/environment.rb
+- spec/dummy/config/boot.rb
+- spec/dummy/Rakefile
+- spec/dummy/bin/rake
+- spec/dummy/bin/setup
+- spec/dummy/bin/rails
+- spec/dummy/bin/bundle
+- spec/services/forest_liana/schema_adapter_spec.rb
+- spec/services/forest_liana/permissions_checker_acl_disabled_spec.rb
+- spec/services/forest_liana/permissions_checker_acl_enabled_spec.rb
+- spec/services/forest_liana/permissions_formatter_spec.rb
+- spec/services/forest_liana/apimap_sorter_spec.rb
+- spec/services/forest_liana/permissions_getter_spec.rb
+- spec/services/forest_liana/ip_whitelist_checker_spec.rb
+- spec/services/forest_liana/filters_parser_spec.rb
+- spec/helpers/forest_liana/query_helper_spec.rb
 - spec/helpers/forest_liana/schema_helper_spec.rb
 - spec/helpers/forest_liana/is_same_data_structure_helper_spec.rb
-- spec/helpers/forest_liana/query_helper_spec.rb
-- spec/rails_helper.rb
+- spec/requests/actions_controller_spec.rb
+- spec/requests/authentications_spec.rb
+- spec/requests/resources_spec.rb
+- spec/spec_helper.rb

data/app/controllers/forest_liana/sessions_controller.rb

@@ -1,95 +0,0 @@
-module ForestLiana
-  class SessionsController < ForestLiana::BaseController
-    def create_with_password
-      @error_message = nil
-      rendering_id = params['renderingId']
-      project_id = params['projectId']
-      email = params['email']
-      password = params['password']
-      two_factor_token = params['token']
-      two_factor_registration = params['twoFactorRegistration']
-
-      process_login(
-        use_google_authentication: false,
-        rendering_id: rendering_id,
-        project_id: project_id,
-        auth_data: { email: email, password: password },
-        two_factor_registration: two_factor_registration,
-        two_factor_token: two_factor_token,
-      )
-    end
-
-    def create_with_google
-      @error_message = nil
-
-      forest_token = params['forestToken']
-      rendering_id = params['renderingId']
-      project_id = params['projectId']
-      two_factor_token = params['token']
-      two_factor_registration = params['twoFactorRegistration']
-
-      process_login(
-        use_google_authentication: true,
-        rendering_id: rendering_id,
-        project_id: project_id,
-        auth_data: { forest_token: forest_token },
-        two_factor_registration: two_factor_registration,
-        two_factor_token: two_factor_token,
-      )
-    end
-
-    private
-
-    def process_login(
-      use_google_authentication:,
-      rendering_id:,
-      project_id:,
-      auth_data:,
-      two_factor_registration:,
-      two_factor_token:
-    )
-      begin
-        if two_factor_registration && two_factor_token.nil?
-          raise ForestLiana::Errors::HTTP401Error
-        end
-
-        # NOTICE: The IP Whitelist is retrieved on any request if it was not retrieved yet, or when
-        #         an IP is rejected, to ensure the IP is still rejected (meaning the configuration
-        #         on the projects has not changed). To handle the last case, which is rejecting an
-        #         IP which was not initaliy rejected, we need periodically refresh the whitelist.
-        #         This is done here on the login of any user.
-        ForestLiana::IpWhitelist.retrieve
-
-        reponse_data = ForestLiana::LoginHandler.new(
-          rendering_id,
-          auth_data,
-          use_google_authentication,
-          two_factor_registration,
-          project_id,
-          two_factor_token
-        ).perform
-
-      rescue ForestLiana::Errors::ExpectedError => error
-        error.display_error
-        error_data = JSONAPI::Serializer.serialize_errors([{
-          status: error.error_code,
-          detail: error.message
-        }])
-        render(serializer: nil, json: error_data, status: error.status)
-      rescue StandardError => error
-        FOREST_LOGGER.error error
-        FOREST_LOGGER.error error.backtrace.join("\n")
-
-        render(serializer: nil, json: nil, status: :internal_server_error)
-      else
-        # NOTICE: Set a cookie to ensure secure authentication using export feature.
-        # NOTICE: The token is empty at first authentication step if the 2FA option is active.
-        if reponse_data[:token]
-          response.set_cookie("forest_session_token", { value: reponse_data[:token], expires: (ForestLiana::Token.expiration_in_days) })
-        end
-
-        render(json: reponse_data, serializer: nil)
-      end
-    end
-  end
-end

data/app/serializers/forest_liana/session_serializer.rb

@@ -1,33 +0,0 @@
-module ForestLiana
-  class SessionSerializer
-    include JSONAPI::Serializer
-
-    attribute :first_name
-    attribute :last_name
-    attribute :email
-
-    def type
-      'users'
-    end
-
-    def format_name(attribute_name)
-      attribute_name.to_s
-    end
-
-    def unformat_name(attribute_name)
-      attribute_name.to_s.underscore
-    end
-
-    def self_link
-      nil
-    end
-
-    def relationship_self_link(attribute_name)
-      nil
-    end
-
-    def relationship_related_link(attribute_name)
-      nil
-    end
-  end
-end

data/app/services/forest_liana/login_handler.rb

@@ -1,99 +0,0 @@
-require 'rotp'
-
-module ForestLiana
-  class LoginHandler
-    def initialize(
-      rendering_id,
-      auth_data,
-      use_google_authentication,
-      two_factor_registration,
-      project_id,
-      two_factor_token
-    )
-      @rendering_id = rendering_id
-      @auth_data = auth_data
-      @use_google_authentication = use_google_authentication
-      @two_factor_registration = two_factor_registration
-      @project_id = project_id
-      @two_factor_token = two_factor_token
-    end
-
-    def perform
-      user = ForestLiana::AuthorizationGetter.authenticate(
-        @rendering_id,
-        @use_google_authentication,
-        @auth_data,
-        @two_factor_registration
-      )
-
-      if user['two_factor_authentication_enabled']
-        if !@two_factor_token.nil?
-          if is_two_factor_token_valid(user, @two_factor_token)
-            ForestLiana::TwoFactorRegistrationConfirmer
-              .new(@project_id, @use_google_authentication, @auth_data)
-              .perform
-
-            return { 'token' => create_token(user, @rendering_id) }
-          else
-            raise ForestLiana::Errors::HTTP401Error.new('Your token is invalid, please try again.')
-          end
-        else
-          return get_two_factor_response(user)
-        end
-      end
-
-      return { token: create_token(user, @rendering_id) }
-    end
-
-    private
-
-    def check_two_factor_secret_salt
-      if ENV['FOREST_2FA_SECRET_SALT'].nil?
-        FOREST_LOGGER.error 'Cannot use the two factor authentication because the environment variable "FOREST_2FA_SECRET_SALT" is not set.'
-        FOREST_LOGGER.error 'You can generate it using this command: `$ openssl rand -hex 10`'
-
-        raise Errors::HTTP401Error.new('Invalid 2FA configuration, please ask more information to your admin')
-      end
-
-      if ENV['FOREST_2FA_SECRET_SALT'].length != 20
-        FOREST_LOGGER.error 'The FOREST_2FA_SECRET_SALT environment variable must be 20 characters long.'
-        FOREST_LOGGER.error 'You can generate it using this command: `$ openssl rand -hex 10`'
-
-        raise ForestLiana::Errors::HTTP401Error.new('Invalid 2FA configuration, please ask more information to your admin')
-      end
-    end
-
-    def get_two_factor_response(user)
-      check_two_factor_secret_salt
-
-      return { 'twoFactorAuthenticationEnabled' => true } if user['two_factor_authentication_active']
-
-      two_factor_authentication_secret = user['two_factor_authentication_secret']
-      user_secret = ForestLiana::UserSecretCreator
-        .new(two_factor_authentication_secret, ENV['FOREST_2FA_SECRET_SALT'])
-        .perform
-
-      {
-        twoFactorAuthenticationEnabled: true,
-        userSecret: user_secret,
-      }
-    end
-
-    def is_two_factor_token_valid(user, two_factor_token)
-      check_two_factor_secret_salt
-
-      two_factor_authentication_secret = user['two_factor_authentication_secret']
-
-      user_secret = ForestLiana::UserSecretCreator
-        .new(two_factor_authentication_secret, ENV['FOREST_2FA_SECRET_SALT'])
-        .perform
-
-      totp = ROTP::TOTP.new(user_secret)
-      totp.verify(two_factor_token)
-    end
-
-    def create_token(user, rendering_id)
-      ForestLiana::Token.create_token(user, rendering_id)
-    end
-  end
-end

data/app/services/forest_liana/two_factor_registration_confirmer.rb

@@ -1,36 +0,0 @@
-module ForestLiana
-  class TwoFactorRegistrationConfirmer
-    def initialize(
-      project_id,
-      use_google_authentication,
-      auth_data
-    )
-      @project_id = project_id
-      @use_google_authentication = use_google_authentication
-      @auth_data = auth_data
-    end
-
-    def perform
-      begin
-        body_data = { 'useGoogleAuthentication' => @use_google_authentication }
-
-        if @use_google_authentication
-          body_data['forestToken'] = @auth_data[:forest_token]
-        else
-          body_data['email'] = @auth_data[:email]
-        end
-
-        response = ForestLiana::ForestApiRequester.post(
-          "/liana/v2/projects/#{@project_id}/two-factor-registration-confirm",
-          body: body_data,
-        )
-
-        unless response.is_a?(Net::HTTPOK)
-          raise "Cannot retrieve the data from the Forest server. Forest API returned an #{ForestLiana::Errors::HTTPErrorHelper.format(response)}"
-        end
-      rescue
-        raise ForestLiana::Errors::HTTP401Error
-      end
-    end
-  end
-end

data/app/services/forest_liana/user_secret_creator.rb

@@ -1,26 +0,0 @@
-require 'base32'
-
-module ForestLiana
-  # NOTICE: This service combines the 2FA secret stored on the forest server to the local secret
-  #         salt. This guarantees that only the owner of the server and the concerned end user can
-  #         know the final key.
-  #         This is done by using a bitwise exclusive or operation, which guarantees the key to stay
-  #         unique, so it is impossible for two users to have the same key.
-  class UserSecretCreator
-    def initialize(two_factor_authentication_secret, two_factor_secret_salt)
-      @two_factor_authentication_secret = two_factor_authentication_secret
-      @two_factor_secret_salt = two_factor_secret_salt
-    end
-
-    def perform
-      hash = (@two_factor_authentication_secret.to_i(16) ^ @two_factor_secret_salt.to_i(16)).to_s(16)
-      bin_hash = hex_to_bin(hash)
-
-      Base32.encode(bin_hash).tr('=', '')
-    end
-
-    def hex_to_bin(hex_string)
-      hex_string.scan(/../).map { |x| x.hex.chr }.join
-    end
-  end
-end

data/spec/requests/sessions_spec.rb

@@ -1,53 +0,0 @@
-require 'rails_helper'
-require 'openid_connect'
-require 'json'
-
-RSpec.describe "Authentications", type: :request do
-  before() do
-    allow(ForestLiana::IpWhitelist).to receive(:retrieve) { true }
-    allow(ForestLiana::IpWhitelist).to receive(:is_ip_whitelist_retrieved) { true }
-    allow(ForestLiana::IpWhitelist).to receive(:is_ip_valid) { true }
-
-    body = '{"data":{"id":"654","type":"users","attributes":{"email":"user@email.com","first_name":"FirstName","last_name":"LastName","teams":["Operations"]}},"relationships":{"renderings":{"data":[{"id":1,"type":"renderings"}]}}}'
-    allow(ForestLiana::ForestApiRequester).to receive(:get).with(
-      "/liana/v2/renderings/42/authorization", { :headers => { "forest-token" => "google-access-token" }, :query=> {} }
-    ).and_return(
-      instance_double(HTTParty::Response, :body => body, :code => 200)
-    )
-  end
-
-  after() do
-    Rails.cache.delete(URI.join(ForestLiana.application_url, ForestLiana::Engine.routes.url_helpers.authentication_callback_path).to_s)
-  end
-
-  describe "POST /forest/sessions-google" do
-    before() do 
-      post ForestLiana::Engine.routes.url_helpers.sessions_google_path, params: '{ "renderingId": "42", "forestToken": "google-access-token" }', headers: {
-      'Accept' => 'application/json',
-      'Content-Type' => 'application/json',
-    }
-    end
-
-    it "should respond with a 200 code" do
-      expect(response).to have_http_status(200)
-    end
-
-    it "should return a valid authentication token" do
-      response_body = JSON.parse(response.body, :symbolize_names => true)
-      expect(response_body).to have_key(:token)
-
-      token = response_body[:token]
-      decoded = JWT.decode(token, ForestLiana.auth_secret, true, { algorithm: 'HS256' })[0]
-
-      expected_token_data = {
-        "id" => '654',
-        "email" => 'user@email.com',
-        "first_name" => 'FirstName',
-        "last_name" => 'LastName',
-        "rendering_id" => "42",
-        "team" => 'Operations'
-      }
-      expect(decoded).to include(expected_token_data);
-    end
-  end
-end