RubyGems - gdpr_rails - Versions diffs - 0.1.0 → 0.2.0 - Mend

gdpr_rails 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (80) hide show

data/app/controllers/policy_manager/user_terms_controller.rb CHANGED Viewed

@@ -1,27 +1,40 @@
-require_dependency "terms/application_controller"
-require "request_store"
+require_dependency "policy_manager/application_controller"
 module PolicyManager
   class UserTermsController < ApplicationController
+    skip_before_action :user_authenticated?, only: [:show, :accept, :reject, :blocking_terms]
     before_action :set_user_term, only: [:accept, :reject, :show, :edit, :update, :destroy]
-    if defined? Doorman
-      include Doorman::Controller
+    # GET /user_terms/1
+    def show
+      @user_term = current_user.present? ? current_user.handle_policy_for(@term) : UserTerm.new(term: @term, user: nil, state: cookies["policy_rule_#{@term.rule.name}"])
     end
-    # GET /user_terms
-    def index
-      @user_terms = UserTerm.all
+    # GET /pending
+    def pending
+      @pending_policies = current_user.pending_policies
+      respond_to do |format|
+        format.html{ }
+        format.json{ render json: @pending_policies }
+      end
     end
-    # GET /user_terms/1
-    def show
-      @user_term = current_user.handle_policy_for(@term)
+    # GET /blocking_terms
+    def blocking_terms
+      respond_to do |format|
+        format.html{ }
+        format.json{ render json: PolicyManager::Config.rules.map{|p| p.name if p.blocking == true }.compact! }
+      end
     end
-    def pending
+    def accept_multiples
+      rules = current_user.pending_policies.map{|o| "policy_rule_#{o.name}"}
+      resource_params = params.require(:user).permit(rules)
+      current_user.update_attributes(resource_params)
       @pending_policies = current_user.pending_policies
       respond_to do |format|
         format.html{ }
         format.json{ render json: @pending_policies }
@@ -29,8 +42,9 @@ module PolicyManager
     end
     def accept
-      @user_term = current_user.handle_policy_for(@term)
-      @user_term.accept!
+      handle_term_accept
       respond_to do |format|
         format.html{
           if @user_term.errors.any?
@@ -40,13 +54,18 @@ module PolicyManager
           end
         }
         format.js
-        format.json
+        format.json{
+          render json: {
+            status: @user_term ? @user_term.state : cookies["policy_rule_#{@term.rule.name}"]
+          }
+        }
       end
     end
     def reject
-      @user_term = current_user.handle_policy_for(term: @term)
-      @user_term.reject!
+      handle_term_reject
       respond_to do |format|
         format.html{
           if @user_term.errors.any?
@@ -57,13 +76,13 @@ module PolicyManager
         }
         format.js
         format.json{
-          if @user_term.errors.any?
-            render :json, url: root_url , notice: "hey there are some errors! #{@user_term.errors.full_messages.join()}"
+          if @user_term.present? && @user_term.errors.any?
+            render json: { url: root_url , notice: "hey there are some errors! #{@user_term.errors.full_messages.join()}" }
           else
-            render :json, url: root_url
+            render json: {
+              state: @user_term ? @user_term.state : cookies["policy_rule_#{@term.rule.name}"]
+            }
           end
         }
       end
     end
@@ -73,10 +92,6 @@ module PolicyManager
       @user_term = UserTerm.new
     end
-    # GET /user_terms/1/edit
-    def edit
-    end
     # POST /user_terms
     def create
       @user_term = UserTerm.new(user_term_params)
@@ -104,11 +119,36 @@ module PolicyManager
     end
     private
+      def handle_term_accept
+        if current_user
+          @user_term = current_user.handle_policy_for(@term)
+          if @user_term.accept!
+            @term.rule.on_accept.call(self) if @term.rule.on_accept.is_a?(Proc)
+          end
+        end
+        cookies["policy_rule_#{@term.rule.name}"] = {
+          :value => "accepted",
+          :expires => 1.year.from_now
+        }
+      end
+      def handle_term_reject
+        if current_user
+          @user_term = current_user.handle_policy_for(@term)
+          if @user_term.reject!
+            @term.rule.on_reject.call(self) if @term.rule.on_reject.is_a?(Proc)
+          end
+        end
+        cookies.delete("policy_rule_#{@term.rule.name}")
+      end
       # Use callbacks to share common setup or constraints between actions.
       def set_user_term
-        @category = Category.find(params[:id])
+        @category = PolicyManager::Config.rules.find{|o| o.name == params[:id]}
         @term = @category.terms.last
-        #@term = Term.find(params[:id])
       end
       # Only allow a trusted parameter "white list" through.

data/app/helpers/policy_manager/application_helper.rb CHANGED Viewed

@@ -1,4 +1,32 @@
 module PolicyManager
   module ApplicationHelper
+    def bootstrap_class_for flash_type
+      { success: "alert-success", error: "alert-danger", alert: "alert-warning", notice: "alert-info" }[flash_type.to_sym] || flash_type.to_s
+    end
+    def flash_messages(opts = {})
+      flash.each do |msg_type, message|
+        flash.delete(msg_type)
+        concat(content_tag(:div, message, class: "alert #{bootstrap_class_for(msg_type)}") do
+          concat content_tag(:button, "<i class='fa fa-times-circle'></i>".html_safe, class: "close", data: { dismiss: 'alert' })
+          concat message
+        end)
+      end
+      session.delete(:flash)
+      nil
+    end
+    def chart(data)
+      begin
+        column_chart(data.call)
+      rescue Groupdate::Error
+        content_tag(:p, "chart not displayed, Be sure to install time zone support - https://github.com/ankane/groupdate#for-mysql", class: "alert alert-danger")
+      end
+    end
   end
 end

data/app/helpers/policy_manager/portability_requests_helper.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module PolicyManager
+  module PortabilityRequestsHelper
+  end
+end

data/app/helpers/policy_manager/scripts_helper.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module PolicyManager
+  module ScriptsHelper
+    def render_scripts
+      PolicyManager::Script.scripts.map do |c|
+        render( partial: c.script) if c.can_render?
+      end.compact.join(" ").html_safe
+    end
+  end
+end

data/app/helpers/policy_manager/terms_helper.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 module PolicyManager
-  module PolicyManagerHelper
+  module TermsHelper
   end
 end

data/app/helpers/policy_manager/user_portability_requests_helper.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module PolicyManager
+  module UserPortabilityRequestsHelper
+  end
+end

data/app/jobs/policy_manager/exporter_job.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module PolicyManager
+  class ExporterJob < ApplicationJob
+    queue_as :default
+    def perform(user_id)
+      user = User.find(user_id)
+      Config.exporter.perform(user)
+    end
+  end
+end

data/app/mailers/policy_manager/application_mailer.rb CHANGED Viewed

@@ -1,6 +1,24 @@
 module PolicyManager
   class ApplicationMailer < ActionMailer::Base
-    default from: 'from@example.com'
+    default from: Config.from_email
     layout 'mailer'
+    # configurable mailer helpers
+    Config.exporter.mail_helpers.each do |helpers|
+      add_template_helper(helpers)
+    end
+    def send!(opts = {})
+      I18n.locale = Config.user_language(@user)
+      default_opts = {
+        :to => @user.email,
+        :subject => @subject
+      }.merge(opts)
+      mail(default_opts)
+    end
   end
-end
+end

data/app/mailers/policy_manager/portability_mailer.rb ADDED Viewed

@@ -0,0 +1,34 @@
+module PolicyManager
+  class PortabilityMailer < ApplicationMailer
+    def progress_notification(portability_request_id)
+      @portability_request = PortabilityRequest.find(portability_request_id)
+      @user = User.find(@portability_request.user_id)
+      @subject = I18n.t("terms_app.mails.progress.subject")
+      opts = {}
+      opts.merge!({
+        template_path: PolicyManager::Config.exporter.mailer_templates[:path].to_s,
+        template_name: PolicyManager::Config.exporter.mailer_templates[:progress]
+      }) if PolicyManager::Config.exporter.mailer_templates.present?
+      send!(opts)
+    end
+    def completed_notification(portability_request_id)
+      @portability_request = PortabilityRequest.find(portability_request_id)
+      @user = User.find(@portability_request.user_id)
+      @subject = I18n.t("terms_app.mails.completed.subject")
+      @link = @portability_request.download_link
+      opts = {}
+      opts.merge!({
+        template_path: PolicyManager::Config.exporter.mailer_templates[:path].to_s,
+        template_name: PolicyManager::Config.exporter.mailer_templates[:complete]
+      }) if PolicyManager::Config.exporter.mailer_templates.present?
+      send!(opts)
+    end
+  end
+end

data/app/models/policy_manager/concerns/user_behavior.rb CHANGED Viewed

@@ -3,8 +3,73 @@ module PolicyManager::Concerns::UserBehavior
   extend ActiveSupport::Concern
   included do
-    has_many :user_terms, class_name: "PolicyManager::UserTerm"
+    has_many :user_terms, class_name: "PolicyManager::UserTerm", autosave: true
     has_many :terms, through: :user_terms
+    has_many :portability_requests, class_name: "PolicyManager::PortabilityRequest"
+    # adds policies
+    PolicyManager::Config.rules.each do |rule|
+      # next if rule. !internal?
+      rule_name = "policy_rule_#{rule.name}".to_sym
+      attr_accessor rule_name
+      if rule.validates_on
+        validate :"check_#{rule_name}", :on => rule.validates_on, :if => ->(o){
+          return true if rule.if.nil?
+          rule.if.call(o) rescue true
+        }
+        define_method :"check_#{rule_name}" do
+          if self.send(rule_name).blank? && needs_policy_confirmation_for?(rule.name)
+            errors.add(rule_name, "needs confirmation")
+          end
+        end
+      end
+      define_method :"has_consented_#{rule.name}?" do
+        !needs_policy_confirmation_for?(rule.name)
+      end
+      define_method :"#{rule_name}=" do |val=true|
+        self.instance_variable_set("@#{rule_name}", val)
+        ut = user_terms.new
+        ut.term = policy_term_on(rule.name)
+        val ? ut.accept : ut.reject
+      end
+    end
+    # adds portability rules
+    PolicyManager::Config.portability_rules.each do |rule|
+      if rule.collection
+        define_method :"portability_collection_#{rule.name}" do |page=1|
+          portability_collection_for(rule, page)
+        end
+      end
+      if rule.member
+        define_method :"portability_member_#{rule.name}" do
+          portability_member_for(rule)
+        end
+      end
+    end
+  end
+  def
+  def portability_schema
+    PolicyManager::Config.portability_rules.map(&:name)
+  end
+  def portability_member_for(rule)
+    self.send(rule.member)
+  end
+  def portability_collection_for(rule, page)
+    # if kaminari
+    # self.send(rule.collection).page(1)
+    # if will paginate
+    self.send(rule.collection).paginate(page: page, per_page: rule.per)
   end
   def pending_policies
@@ -15,6 +80,12 @@ module PolicyManager::Concerns::UserBehavior
     end
   end
+  def pending_blocking_policies
+    PolicyManager::Config.rules.select do |c|
+      c.blocking && self.needs_policy_confirmation_for?(c.name)
+    end
+  end
   def confirm_all_policies!
     peding_policies.each do |c|
       term = c.terms.last
@@ -31,27 +102,20 @@ module PolicyManager::Concerns::UserBehavior
   def needs_policy_confirmation_for?(rule)
     term = policy_term_on(rule)
-    user_term = policy_user_term_on(rule)
-    return false if term.blank?
+    user_term = policy_user_term_on(term)
     return true if user_term.blank?
+    return true if user_term.rejected?
     term.created_at > user_term.created_at
   end
-  def is_confirmed?
-  end
-  def block_feature?
-  end
   def policy_term_on(rule)
     category = PolicyManager::Config.rules.find{|o| o.name == rule}
-    term = category.terms.last
-    return if term.blank?
+    term = category.terms.where(state: "published").last
+    raise "no term for #{rule} policy" if term.blank?
     term
   end
-  def policy_user_term_on(rule)
-    term = policy_term_on(rule)
+  def policy_user_term_on(term)
     return if term.blank?
     self.user_terms.where(term_id: term.id).first
   end
@@ -62,14 +126,8 @@ module PolicyManager::Concerns::UserBehavior
     end
   end
-  #######
-  ## DATA PORTABILITY
-  #######
-  #######
-  ## DATA FOGOTTABILITY
-  #######
+  def can_request_portability?
+    self.portability_requests.select{|p| p.pending? || p.progress?}.blank?
+  end
 end

data/app/models/policy_manager/portability_request.rb ADDED Viewed

@@ -0,0 +1,65 @@
+require "paperclip"
+require "aasm"
+module PolicyManager
+  class PortabilityRequest < ApplicationRecord
+    include Paperclip::Glue
+    belongs_to :user
+    has_attached_file :attachment,
+      path: Config.exporter.try(:attachment_path) || Rails.root.join("tmp/portability/:id/build.zip").to_s,
+      storage: Config.exporter.try(:attachment_storage) || :filesystem,
+      s3_permissions: :private
+    do_not_validate_attachment_file_type :attachment
+    include AASM
+    aasm column: :state do
+      state :pending, :initial => true
+      state :progress, :after_enter => :handle_progress
+      state :completed, :after_enter => :notify_completeness
+      event :confirm do
+        transitions from: :pending, to: :progress
+      end
+      event :complete do
+        transitions from: :progress, to: :completed
+      end
+    end
+    def user_email
+      self.user.email
+    end
+    def file_remote_url=(url_value)
+      self.attachment = File.open(url_value) unless url_value.blank?
+      self.save
+      self.complete!
+    end
+    def download_link
+      self.attachment.expiring_url(PolicyManager::Config.exporter.expiration_link)
+    end
+    def handle_progress
+      notify_progress
+      perform_job
+    end
+    def perform_job
+      ExporterJob.set(queue: :default).perform_later(self.user.id)
+    end
+    def notify_progress
+      PortabilityMailer.progress_notification(self.id).deliver_now
+    end
+    def notify_completeness
+      PortabilityMailer.completed_notification(self.id).deliver_now
+    end
+  end
+end

data/app/models/policy_manager/term.rb CHANGED Viewed

@@ -1,9 +1,27 @@
 require "redcarpet"
+require "aasm"
 module PolicyManager
   class Term < ApplicationRecord
+    include AASM
     validates_presence_of :rule
+    validates_presence_of :description
+    validates_presence_of :state
+    aasm :column => :state do
+      state :draft, :initial => true # db column's default
+      state :published
+      event :publish do
+        transitions from: :draft, to: :published
+      end
+      event :unpublish do
+        transitions from: :published, to: :draft
+      end
+    end
     def self.renderer
       @markdown = markdown = Redcarpet::Markdown.new(Redcarpet::Render::HTML, autolink: true, tables: true)

data/app/models/policy_manager/user_term.rb CHANGED Viewed

@@ -1,18 +1,25 @@
+require "aasm"
 module PolicyManager
   class UserTerm < ApplicationRecord
+    include AASM
     belongs_to :user
     belongs_to :term
     validates_uniqueness_of :term_id, :scope => :user_id
-    def accept!
-      self.state = "accepted"
-      self.save
-    end
+    aasm :column => :state do
+      state :rejected, :initial => true
+      state :accepted
+      event :accept do
+        transitions from: :rejected, to: :accepted
+      end
-    def reject!
-      self.state = "rejected"
-      self.save
+      event :reject do
+        transitions from: :accepted, to: :rejected
+      end
     end
   end

data/app/views/layouts/policy_manager/application.html.erb CHANGED Viewed

@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
 <head>
-  <title>Terms</title>
+  <title><%= I18n.t("terms_app.title") %></title>
   <%= csrf_meta_tags %>
@@ -15,77 +15,79 @@
   <link rel="stylesheet" href="https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.css">
   <script src="https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js"></script>
-  <%= stylesheet_link_tag    "terms/application", media: "all" %>
-  <%= javascript_include_tag "terms/application" %>
+  <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.10/css/all.css" integrity="sha384-+d0P83n9kaQMCwj8F4RJB66tzIwOKmrdb46+porD/OvrJ+37WqIM7UoBtwHO6Nlg" crossorigin="anonymous">
+  <%= javascript_include_tag "https://www.gstatic.com/charts/loader.js" %>
+  <%= stylesheet_link_tag    "policy_manager/application", media: "all" %>
+  <%= javascript_include_tag "policy_manager/application", debug: false %>
 </head>
 <body>
   <nav class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0">
-    <a class="navbar-brand col-sm-3 col-md-2 mr-0" href="#">PREYPROJECT</a>
-    <input class="form-control form-control-dark w-100" type="text" placeholder="Search" aria-label="Search">
+    <a class="navbar-brand col-sm-3 col-md-2 mr-0" href="/">
+      <%= I18n.t("terms_app.sub_title") %></a>
     <ul class="navbar-nav px-3">
       <li class="nav-item text-nowrap">
-        <a class="nav-link" href="#">Sign out</a>
+        <% if PolicyManager::Config.logout_url.present? %>
+          <a class="nav-link" href="<%= PolicyManager::Config.logout_url %>"><%= I18n.t("terms_app.sign_out") %></a>
+        <% end %>
       </li>
     </ul>
   </nav>
   <div class="container-fluid">
     <div class="row">
       <nav class="col-md-2 d-none d-md-block bg-light sidebar">
         <div class="sidebar-sticky">
           <ul class="nav flex-column">
+            <% if PolicyManager::Config.is_admin?(current_user) %>
+              <li class="nav-item">
+                <a class="nav-link" href="<%= categories_path %>">
+                  <i class="fas fa-balance-scale"></i>
+                  <%= I18n.t("terms_app.menu.policies") %>
+                </a>
+              </li>
+            <% end %>
+            <% if PolicyManager::Config.is_admin?(current_user) %>
+              <li class="nav-item">
+                <a class="nav-link" href="<%= portability_requests_path %>">
+                  <i class="fas fa-suitcase"></i>
+                  <%= I18n.t("terms_app.menu.portability_requests") %>
+                </a>
+              </li>
+            <% end %>
+            <li class="separator"></li>
             <li class="nav-item">
-              <a class="nav-link active" href="<%= root_url %>">
-                <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-home"><path d="M3 9l9-7 9 7v11a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2z"></path><polyline points="9 22 9 12 15 12 15 22"></polyline></svg>
-                Dashboard <span class="sr-only">(current)</span>
+              <a class="nav-link" href="<%= pending_user_terms_path %>">
+                <i class="fas fa-user-secret"></i>
+                <%= I18n.t("terms_app.menu.user_pending_policies") %>
               </a>
             </li>
             <li class="nav-item">
-              <a class="nav-link" href="<%= categories_path %>">
-                <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-file"><path d="M13 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V9z"></path><polyline points="13 2 13 9 20 9"></polyline></svg>
-                Categories
-              </a>
-            </li>
-            <li class="nav-item">
-              <a class="nav-link" href="<%= pending_user_terms_path %>">
-                <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-file"><path d="M13 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V9z"></path><polyline points="13 2 13 9 20 9"></polyline></svg>
-                user's pending policies
+              <a class="nav-link" href="<%= user_portability_requests_path %>">
+                <i class="fas fa-suitcase"></i>
+                <%= I18n.t("terms_app.menu.user_portability_requests") %>
               </a>
             </li>
           </ul>
         </div>
       </nav>
       <main role="main" class="col-md-9 ml-sm-auto col-lg-10 pt-3 px-4">
-        <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pb-2 mb-3 border-bottom">
-          <h1 class="h2">Policies</h1>
-          <div class="btn-toolbar mb-2 mb-md-0">
-            <div class="btn-group mr-2">
-              <button class="btn btn-sm btn-outline-secondary">Share</button>
-              <button class="btn btn-sm btn-outline-secondary">Export</button>
-            </div>
-          </div>
-        </div>
         <p id="notice">
-          <%= notice %>
+          <%= flash_messages %>
         </p>
         <%= yield %>
       </main>
     </div>
   </div>
 </body>