gdpr_rails 0.1.0 → 0.2.0

data/app/controllers/policy_manager/user_terms_controller.rb

@@ -1,27 +1,40 @@
-require_dependency "terms/application_controller"
-
-require "request_store"
+require_dependency "policy_manager/application_controller"
 
 module PolicyManager
   class UserTermsController < ApplicationController
+
+    skip_before_action :user_authenticated?, only: [:show, :accept, :reject, :blocking_terms]
     before_action :set_user_term, only: [:accept, :reject, :show, :edit, :update, :destroy]
 
-    if defined? Doorman
-      include Doorman::Controller
+    # GET /user_terms/1
+    def show
+      @user_term = current_user.present? ? current_user.handle_policy_for(@term) : UserTerm.new(term: @term, user: nil, state: cookies["policy_rule_#{@term.rule.name}"])
     end
 
-    # GET /user_terms
-    def index
-      @user_terms = UserTerm.all
+    # GET /pending
+    def pending
+      @pending_policies = current_user.pending_policies
+      respond_to do |format|
+        format.html{ }
+        format.json{ render json: @pending_policies }
+      end
     end
 
-    # GET /user_terms/1
-    def show
-      @user_term = current_user.handle_policy_for(@term)
+    # GET /blocking_terms
+    def blocking_terms
+      respond_to do |format|
+        format.html{ }
+        format.json{ render json: PolicyManager::Config.rules.map{|p| p.name if p.blocking == true }.compact! }
+      end
     end
 
-    def pending
+    def accept_multiples
+      rules = current_user.pending_policies.map{|o| "policy_rule_#{o.name}"}
+      resource_params = params.require(:user).permit(rules)
+      current_user.update_attributes(resource_params)
+      
       @pending_policies = current_user.pending_policies
+      
       respond_to do |format|
         format.html{ }
         format.json{ render json: @pending_policies }
@@ -29,8 +42,9 @@ module PolicyManager
     end
 
     def accept
-      @user_term = current_user.handle_policy_for(@term)
-      @user_term.accept!
+      
+      handle_term_accept
+
       respond_to do |format|
         format.html{ 
           if @user_term.errors.any?
@@ -40,13 +54,18 @@ module PolicyManager
           end
         }
         format.js
-        format.json
+        format.json{
+          render json: {
+            status: @user_term ? @user_term.state : cookies["policy_rule_#{@term.rule.name}"]
+          }
+        }
       end
     end
 
     def reject
-      @user_term = current_user.handle_policy_for(term: @term)
-      @user_term.reject!
+
+      handle_term_reject
+
       respond_to do |format|
         format.html{ 
           if @user_term.errors.any?
@@ -57,13 +76,13 @@ module PolicyManager
         }
         format.js
         format.json{
-
-          if @user_term.errors.any?
-            render :json, url: root_url , notice: "hey there are some errors! #{@user_term.errors.full_messages.join()}"
+          if @user_term.present? && @user_term.errors.any?
+            render json: { url: root_url , notice: "hey there are some errors! #{@user_term.errors.full_messages.join()}" }
           else
-            render :json, url: root_url 
+            render json: {
+              state: @user_term ? @user_term.state : cookies["policy_rule_#{@term.rule.name}"]
+            }
           end
-
         }
       end
     end
@@ -73,10 +92,6 @@ module PolicyManager
       @user_term = UserTerm.new
     end
 
-    # GET /user_terms/1/edit
-    def edit
-    end
-
     # POST /user_terms
     def create
       @user_term = UserTerm.new(user_term_params)
@@ -104,11 +119,36 @@ module PolicyManager
     end
 
     private
+
+      def handle_term_accept
+        if current_user
+          @user_term = current_user.handle_policy_for(@term)
+          if @user_term.accept!
+            @term.rule.on_accept.call(self) if @term.rule.on_accept.is_a?(Proc)
+          end
+        end
+
+        cookies["policy_rule_#{@term.rule.name}"] = {
+          :value => "accepted",
+          :expires => 1.year.from_now
+        }
+      end
+
+      def handle_term_reject
+        if current_user
+          @user_term = current_user.handle_policy_for(@term)
+          if @user_term.reject!
+            @term.rule.on_reject.call(self) if @term.rule.on_reject.is_a?(Proc)
+          end
+        end
+
+        cookies.delete("policy_rule_#{@term.rule.name}")
+      end
+
       # Use callbacks to share common setup or constraints between actions.
       def set_user_term
-        @category = Category.find(params[:id])
+        @category = PolicyManager::Config.rules.find{|o| o.name == params[:id]}
         @term = @category.terms.last
-        #@term = Term.find(params[:id])
       end
 
       # Only allow a trusted parameter "white list" through.

data/app/helpers/policy_manager/application_helper.rb

@@ -1,4 +1,32 @@
 module PolicyManager
   module ApplicationHelper
+
+    def bootstrap_class_for flash_type
+      { success: "alert-success", error: "alert-danger", alert: "alert-warning", notice: "alert-info" }[flash_type.to_sym] || flash_type.to_s
+    end
+
+    def flash_messages(opts = {})
+
+      flash.each do |msg_type, message|
+        flash.delete(msg_type)
+        concat(content_tag(:div, message, class: "alert #{bootstrap_class_for(msg_type)}") do 
+          concat content_tag(:button, "<i class='fa fa-times-circle'></i>".html_safe, class: "close", data: { dismiss: 'alert' })
+          concat message 
+        end)
+      end
+
+      session.delete(:flash)
+      nil
+    end
+
+
+    def chart(data)
+      begin
+        column_chart(data.call)
+      rescue Groupdate::Error
+        content_tag(:p, "chart not displayed, Be sure to install time zone support - https://github.com/ankane/groupdate#for-mysql", class: "alert alert-danger")
+      end
+    end
+
   end
 end

data/app/helpers/policy_manager/portability_requests_helper.rb

@@ -0,0 +1,4 @@
+module PolicyManager
+  module PortabilityRequestsHelper
+  end
+end

data/app/helpers/policy_manager/scripts_helper.rb

@@ -0,0 +1,11 @@
+module PolicyManager
+  module ScriptsHelper
+
+    def render_scripts
+      PolicyManager::Script.scripts.map do |c|
+        render( partial: c.script) if c.can_render?
+      end.compact.join(" ").html_safe
+    end
+
+  end
+end

data/app/helpers/policy_manager/terms_helper.rb

@@ -1,4 +1,4 @@
 module PolicyManager
-  module PolicyManagerHelper
+  module TermsHelper
   end
 end

data/app/helpers/policy_manager/user_portability_requests_helper.rb

@@ -0,0 +1,4 @@
+module PolicyManager
+  module UserPortabilityRequestsHelper
+  end
+end

data/app/jobs/policy_manager/exporter_job.rb

@@ -0,0 +1,10 @@
+module PolicyManager
+  class ExporterJob < ApplicationJob
+    queue_as :default
+   
+    def perform(user_id)
+      user = User.find(user_id)
+      Config.exporter.perform(user)
+    end
+  end
+end

data/app/mailers/policy_manager/application_mailer.rb

@@ -1,6 +1,24 @@
 module PolicyManager
   class ApplicationMailer < ActionMailer::Base
-    default from: 'from@example.com'
+    default from: Config.from_email
     layout 'mailer'
+
+    # configurable mailer helpers
+    Config.exporter.mail_helpers.each do |helpers|
+      add_template_helper(helpers)
+    end
+
+    def send!(opts = {})
+
+      I18n.locale = Config.user_language(@user)
+
+      default_opts = {
+        :to => @user.email, 
+        :subject => @subject
+      }.merge(opts)
+
+      mail(default_opts)
+    end
+
   end
-end
+end

data/app/mailers/policy_manager/portability_mailer.rb

@@ -0,0 +1,34 @@
+module PolicyManager
+  class PortabilityMailer < ApplicationMailer
+
+    def progress_notification(portability_request_id)
+      @portability_request = PortabilityRequest.find(portability_request_id)
+      @user = User.find(@portability_request.user_id)
+      @subject = I18n.t("terms_app.mails.progress.subject")
+      
+      opts = {}
+      opts.merge!({
+        template_path: PolicyManager::Config.exporter.mailer_templates[:path].to_s, 
+        template_name: PolicyManager::Config.exporter.mailer_templates[:progress]
+      }) if PolicyManager::Config.exporter.mailer_templates.present?
+      
+      send!(opts)
+    end
+
+    def completed_notification(portability_request_id)
+      @portability_request = PortabilityRequest.find(portability_request_id)
+      @user = User.find(@portability_request.user_id)
+      @subject = I18n.t("terms_app.mails.completed.subject")
+      @link = @portability_request.download_link
+      
+      opts = {}
+      opts.merge!({
+        template_path: PolicyManager::Config.exporter.mailer_templates[:path].to_s, 
+        template_name: PolicyManager::Config.exporter.mailer_templates[:complete]
+      }) if PolicyManager::Config.exporter.mailer_templates.present?
+      
+      send!(opts)
+    end
+
+  end
+end

data/app/models/policy_manager/concerns/user_behavior.rb

@@ -3,8 +3,73 @@ module PolicyManager::Concerns::UserBehavior
   extend ActiveSupport::Concern
 
   included do
-    has_many :user_terms, class_name: "PolicyManager::UserTerm"
+    has_many :user_terms, class_name: "PolicyManager::UserTerm", autosave: true
     has_many :terms, through: :user_terms
+    has_many :portability_requests, class_name: "PolicyManager::PortabilityRequest"
+
+    # adds policies
+    PolicyManager::Config.rules.each do |rule|
+      # next if rule. !internal?
+      rule_name = "policy_rule_#{rule.name}".to_sym
+      attr_accessor rule_name
+
+      if rule.validates_on
+
+        validate :"check_#{rule_name}", :on => rule.validates_on, :if => ->(o){ 
+          return true if rule.if.nil? 
+          rule.if.call(o) rescue true 
+        }
+
+        define_method :"check_#{rule_name}" do
+          if self.send(rule_name).blank? && needs_policy_confirmation_for?(rule.name)
+            errors.add(rule_name, "needs confirmation")
+          end
+        end  
+      end  
+      
+      define_method :"has_consented_#{rule.name}?" do
+        !needs_policy_confirmation_for?(rule.name)
+      end
+
+      define_method :"#{rule_name}=" do |val=true|
+        self.instance_variable_set("@#{rule_name}", val)
+        ut = user_terms.new
+        ut.term = policy_term_on(rule.name)
+        val ? ut.accept : ut.reject
+      end
+    end
+
+    # adds portability rules
+    PolicyManager::Config.portability_rules.each do |rule|
+      if rule.collection 
+        define_method :"portability_collection_#{rule.name}" do |page=1|
+          portability_collection_for(rule, page)
+        end
+      end
+
+      if rule.member
+        define_method :"portability_member_#{rule.name}" do
+          portability_member_for(rule)
+        end
+      end
+    end
+  end
+
+  def 
+
+  def portability_schema
+    PolicyManager::Config.portability_rules.map(&:name)
+  end
+
+  def portability_member_for(rule)
+    self.send(rule.member)
+  end
+
+  def portability_collection_for(rule, page)
+    # if kaminari
+    # self.send(rule.collection).page(1)
+    # if will paginate
+    self.send(rule.collection).paginate(page: page, per_page: rule.per)
   end
 
   def pending_policies
@@ -15,6 +80,12 @@ module PolicyManager::Concerns::UserBehavior
     end
   end
 
+  def pending_blocking_policies
+    PolicyManager::Config.rules.select do |c|
+      c.blocking && self.needs_policy_confirmation_for?(c.name)
+    end
+  end
+
   def confirm_all_policies!
     peding_policies.each do |c|
       term = c.terms.last
@@ -31,27 +102,20 @@ module PolicyManager::Concerns::UserBehavior
 
   def needs_policy_confirmation_for?(rule)
     term = policy_term_on(rule)
-    user_term = policy_user_term_on(rule)
-    return false if term.blank? 
+    user_term = policy_user_term_on(term)
     return true if user_term.blank?
+    return true if user_term.rejected?
     term.created_at > user_term.created_at
   end
 
-  def is_confirmed?
-  end
-
-  def block_feature?
-  end
-
   def policy_term_on(rule)
     category = PolicyManager::Config.rules.find{|o| o.name == rule}
-    term = category.terms.last
-    return if term.blank?
+    term = category.terms.where(state: "published").last
+    raise "no term for #{rule} policy" if term.blank?
     term
   end
 
-  def policy_user_term_on(rule)
-    term = policy_term_on(rule)
+  def policy_user_term_on(term)
     return if term.blank?
     self.user_terms.where(term_id: term.id).first
   end
@@ -62,14 +126,8 @@ module PolicyManager::Concerns::UserBehavior
     end
   end
 
-
-  #######
-  ## DATA PORTABILITY
-  #######
-
-
-  #######
-  ## DATA FOGOTTABILITY
-  #######
+  def can_request_portability?
+    self.portability_requests.select{|p| p.pending? || p.progress?}.blank?
+  end
 
 end

data/app/models/policy_manager/portability_request.rb

@@ -0,0 +1,65 @@
+require "paperclip"
+require "aasm"
+
+module PolicyManager
+  class PortabilityRequest < ApplicationRecord
+    include Paperclip::Glue
+
+    belongs_to :user
+
+    has_attached_file :attachment, 
+      path: Config.exporter.try(:attachment_path) || Rails.root.join("tmp/portability/:id/build.zip").to_s, 
+      storage: Config.exporter.try(:attachment_storage) || :filesystem,
+      s3_permissions: :private
+
+    do_not_validate_attachment_file_type :attachment
+
+    include AASM
+
+    aasm column: :state do
+      state :pending, :initial => true
+      state :progress, :after_enter => :handle_progress
+      state :completed, :after_enter => :notify_completeness
+
+      event :confirm do
+        transitions from: :pending, to: :progress
+      end
+
+      event :complete do
+        transitions from: :progress, to: :completed
+      end
+    end
+
+    def user_email
+      self.user.email
+    end
+
+    def file_remote_url=(url_value)
+      self.attachment = File.open(url_value) unless url_value.blank?
+      self.save
+      self.complete!
+    end
+
+    def download_link
+      self.attachment.expiring_url(PolicyManager::Config.exporter.expiration_link)
+    end
+
+    def handle_progress
+      notify_progress
+      perform_job
+    end
+
+    def perform_job
+      ExporterJob.set(queue: :default).perform_later(self.user.id)
+    end
+
+    def notify_progress
+      PortabilityMailer.progress_notification(self.id).deliver_now
+    end
+
+    def notify_completeness
+      PortabilityMailer.completed_notification(self.id).deliver_now
+    end
+
+  end
+end

data/app/models/policy_manager/term.rb

@@ -1,9 +1,27 @@
 require "redcarpet"
+require "aasm"
 
 module PolicyManager
   class Term < ApplicationRecord
+    include AASM
 
     validates_presence_of :rule
+    validates_presence_of :description
+    validates_presence_of :state
+
+    aasm :column => :state do
+      state :draft, :initial => true # db column's default
+      state :published
+
+      event :publish do
+        transitions from: :draft, to: :published
+      end
+
+      event :unpublish do
+        transitions from: :published, to: :draft
+      end
+
+    end
 
     def self.renderer
       @markdown = markdown = Redcarpet::Markdown.new(Redcarpet::Render::HTML, autolink: true, tables: true)

data/app/models/policy_manager/user_term.rb

@@ -1,18 +1,25 @@
+require "aasm"
+
 module PolicyManager
   class UserTerm < ApplicationRecord
+    include AASM
+    
     belongs_to :user
     belongs_to :term
 
     validates_uniqueness_of :term_id, :scope => :user_id
 
-    def accept!
-      self.state = "accepted"
-      self.save
-    end
+    aasm :column => :state do
+      state :rejected, :initial => true
+      state :accepted
+
+      event :accept do
+        transitions from: :rejected, to: :accepted
+      end
 
-    def reject!
-      self.state = "rejected"
-      self.save
+      event :reject do
+        transitions from: :accepted, to: :rejected
+      end
     end
 
   end

data/app/views/layouts/policy_manager/application.html.erb

@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
 <head>
-  <title>Terms</title>
+  <title><%= I18n.t("terms_app.title") %></title>
 
   <%= csrf_meta_tags %>
 
@@ -15,77 +15,79 @@
   <link rel="stylesheet" href="https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.css">
   <script src="https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js"></script>
 
-  <%= stylesheet_link_tag    "terms/application", media: "all" %>
-  <%= javascript_include_tag "terms/application" %>
+  <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.10/css/all.css" integrity="sha384-+d0P83n9kaQMCwj8F4RJB66tzIwOKmrdb46+porD/OvrJ+37WqIM7UoBtwHO6Nlg" crossorigin="anonymous">
+
+  <%= javascript_include_tag "https://www.gstatic.com/charts/loader.js" %>
+  <%= stylesheet_link_tag    "policy_manager/application", media: "all" %>
+  <%= javascript_include_tag "policy_manager/application", debug: false %>
 
 </head>
 <body>
 
   <nav class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0">
-    <a class="navbar-brand col-sm-3 col-md-2 mr-0" href="#">PREYPROJECT</a>
-    <input class="form-control form-control-dark w-100" type="text" placeholder="Search" aria-label="Search">
+    <a class="navbar-brand col-sm-3 col-md-2 mr-0" href="/">
+      <%= I18n.t("terms_app.sub_title") %></a>
     <ul class="navbar-nav px-3">
       <li class="nav-item text-nowrap">
-        <a class="nav-link" href="#">Sign out</a>
+        <% if PolicyManager::Config.logout_url.present? %>
+          <a class="nav-link" href="<%= PolicyManager::Config.logout_url %>"><%= I18n.t("terms_app.sign_out") %></a>
+        <% end %>
       </li>
     </ul>
   </nav>
 
   <div class="container-fluid">
-
-
     <div class="row">
       <nav class="col-md-2 d-none d-md-block bg-light sidebar">
         <div class="sidebar-sticky">
           <ul class="nav flex-column">
+            <% if PolicyManager::Config.is_admin?(current_user) %>
+              <li class="nav-item">
+                <a class="nav-link" href="<%= categories_path %>">
+                  <i class="fas fa-balance-scale"></i>
+                  <%= I18n.t("terms_app.menu.policies") %> 
+                </a>
+              </li>
+            <% end %>
+            
+
+            <% if PolicyManager::Config.is_admin?(current_user) %>
+              <li class="nav-item">
+                <a class="nav-link" href="<%= portability_requests_path %>">
+                  <i class="fas fa-suitcase"></i>
+                  <%= I18n.t("terms_app.menu.portability_requests") %>
+                </a>
+              </li>
+            <% end %>
+
+            <li class="separator"></li>
+
             <li class="nav-item">
-              <a class="nav-link active" href="<%= root_url %>">
-                <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-home"><path d="M3 9l9-7 9 7v11a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2z"></path><polyline points="9 22 9 12 15 12 15 22"></polyline></svg>
-                Dashboard <span class="sr-only">(current)</span>
+              <a class="nav-link" href="<%= pending_user_terms_path %>">
+                <i class="fas fa-user-secret"></i>
+                <%= I18n.t("terms_app.menu.user_pending_policies") %>       
               </a>
             </li>
+          
             <li class="nav-item">
-              <a class="nav-link" href="<%= categories_path %>">
-                <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-file"><path d="M13 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V9z"></path><polyline points="13 2 13 9 20 9"></polyline></svg>
-                Categories
-              </a>
-            </li>
-
-
-            <li class="nav-item">
-              <a class="nav-link" href="<%= pending_user_terms_path %>">
-                <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-file"><path d="M13 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V9z"></path><polyline points="13 2 13 9 20 9"></polyline></svg>
-                user's pending policies
+              <a class="nav-link" href="<%= user_portability_requests_path %>">
+                <i class="fas fa-suitcase"></i>
+                <%= I18n.t("terms_app.menu.user_portability_requests") %>
               </a>
             </li>
+  
           </ul>
 
         </div>
       </nav>
 
       <main role="main" class="col-md-9 ml-sm-auto col-lg-10 pt-3 px-4">
-        
-        <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pb-2 mb-3 border-bottom">
-          <h1 class="h2">Policies</h1>
-          <div class="btn-toolbar mb-2 mb-md-0">
-            <div class="btn-group mr-2">
-              <button class="btn btn-sm btn-outline-secondary">Share</button>
-              <button class="btn btn-sm btn-outline-secondary">Export</button>
-            </div>
-          </div>
-        </div>
-
         <p id="notice">
-          <%= notice %>
+          <%= flash_messages %>
         </p>
-
         <%= yield %>
       </main>
     </div>
-
-
-
-    
   </div>
 
 </body>