hello-rails 0.0.0 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/MIT-LICENSE +20 -0
- data/README.md +97 -0
- data/Rakefile +23 -0
- data/app/controllers/hello/application_controller.rb +27 -0
- data/app/controllers/hello/authentication/sessions_controller.rb +81 -0
- data/app/controllers/hello/authentication/sign_in_controller.rb +39 -0
- data/app/controllers/hello/authentication/sudo_mode_controller.rb +40 -0
- data/app/controllers/hello/concerns/authentication/sign_in.rb +44 -0
- data/app/controllers/hello/concerns/management/forgot_password.rb +45 -0
- data/app/controllers/hello/concerns/management/reset_password.rb +33 -0
- data/app/controllers/hello/concerns/registration/sign_up.rb +64 -0
- data/app/controllers/hello/internationalization/locale_controller.rb +28 -0
- data/app/controllers/hello/management/accesses_controller.rb +29 -0
- data/app/controllers/hello/management/confirm_emails_controller.rb +41 -0
- data/app/controllers/hello/management/emails_controller.rb +67 -0
- data/app/controllers/hello/management/forgot_password_controller.rb +41 -0
- data/app/controllers/hello/management/passwords_controller.rb +57 -0
- data/app/controllers/hello/management/profiles_controller.rb +71 -0
- data/app/controllers/hello/management/reset_password_controller.rb +53 -0
- data/app/controllers/hello/registration/sign_up_controller.rb +63 -0
- data/app/helpers/hello/application_helper.rb +5 -0
- data/app/mailers/hello/mailer.rb +26 -0
- data/app/models/access.rb +2 -0
- data/app/models/credential.rb +2 -0
- data/app/models/email_credential.rb +2 -0
- data/app/models/password_credential.rb +2 -0
- data/app/models/user.rb +2 -0
- data/app/views/hello/authentication/_sign_in.html.erb +64 -0
- data/app/views/hello/authentication/new_session.html.erb +4 -0
- data/app/views/hello/authentication/sessions.html.erb +36 -0
- data/app/views/hello/authentication/sign_in.html.erb +3 -0
- data/app/views/hello/authentication/sudo_mode.html.erb +37 -0
- data/app/views/hello/internationalization/locales.html.erb +7 -0
- data/app/views/hello/mailer/confirm_email.html.erb +12 -0
- data/app/views/hello/mailer/forgot_password.html.erb +12 -0
- data/app/views/hello/mailer/welcome.html.erb +11 -0
- data/app/views/hello/management/accesses.html.erb +47 -0
- data/app/views/hello/management/cancel.html.erb +14 -0
- data/app/views/hello/management/email_credentials/expired_confirmation_token.html.erb +1 -0
- data/app/views/hello/management/email_credentials/index.html.erb +84 -0
- data/app/views/hello/management/password_credentials/_forgot_form.html.erb +17 -0
- data/app/views/hello/management/password_credentials/_reset_form.html.erb +39 -0
- data/app/views/hello/management/password_credentials/forgot.html.erb +10 -0
- data/app/views/hello/management/password_credentials/forgot_success.html.erb +26 -0
- data/app/views/hello/management/password_credentials/reset.html.erb +3 -0
- data/app/views/hello/management/password_credentials/show.html.erb +25 -0
- data/app/views/hello/management/user.html.erb +73 -0
- data/app/views/hello/registration/_sign_up.html.erb +86 -0
- data/app/views/hello/registration/sign_up.html.erb +3 -0
- data/app/views/hello/registration/sign_up_widget.html.erb +3 -0
- data/app/views/hello/shared/_errors.html.erb +11 -0
- data/app/views/hello/shared/_flash.html.erb +8 -0
- data/app/views/hello/shared/_nav_pills.html.erb +15 -0
- data/app/views/hello/shared/_session_expiration.html.erb +15 -0
- data/app/views/hello/shared/_settings.html.erb +41 -0
- data/config/locales/hello.en.yml +69 -0
- data/config/locales/hello.es.yml +71 -0
- data/config/locales/hello.fr.yml +71 -0
- data/config/locales/hello.pl.yml +71 -0
- data/config/locales/hello.pt-BR.yml +71 -0
- data/config/locales/hello.zh-CN.yml +71 -0
- data/config/locales/hello.zh-TW.yml +71 -0
- data/config/routes.rb +74 -0
- data/db/migrate/1_create_credentials.rb +17 -0
- data/db/migrate/2_create_accesses.rb +15 -0
- data/db/migrate/3_create_users.rb +23 -0
- data/lib/generators/hello/concerns/USAGE +8 -0
- data/lib/generators/hello/concerns/concerns_generator.rb +10 -0
- data/lib/generators/hello/from_devise/USAGE +8 -0
- data/lib/generators/hello/from_devise/from_devise_generator.rb +13 -0
- data/lib/generators/hello/from_devise/templates/from_devise.migration.rb +39 -0
- data/lib/generators/hello/install/USAGE +8 -0
- data/lib/generators/hello/install/install_generator.rb +94 -0
- data/lib/generators/hello/install/templates/application.html.erb +35 -0
- data/lib/generators/hello/install/templates/hello_helper.rb +16 -0
- data/lib/generators/hello/install/templates/initializer.rb +24 -0
- data/lib/generators/hello/install/templates/models/concerns/user/authorization.rb +21 -0
- data/lib/generators/hello/install/templates/models/user.rb +9 -0
- data/lib/generators/hello/install/templates/onboarding/index.html.erb +5 -0
- data/lib/generators/hello/install/templates/onboarding/onboarding_controller.rb +33 -0
- data/lib/generators/hello/install/templates/root/index.html.erb +7 -0
- data/lib/generators/hello/install/templates/root/root_controller.rb +6 -0
- data/lib/generators/hello/install/templates/users/controllers/users_controller.rb +71 -0
- data/lib/generators/hello/install/templates/users/views/users/index.html.erb +29 -0
- data/lib/generators/hello/install/templates/users/views/users/list.html.erb +35 -0
- data/lib/generators/hello/install/templates/users/views/users/new.html.erb +60 -0
- data/lib/generators/hello/install/templates/users/views/users/show.html.erb +74 -0
- data/lib/generators/hello/locales/USAGE +12 -0
- data/lib/generators/hello/locales/locales_generator.rb +64 -0
- data/lib/generators/hello/views/USAGE +8 -0
- data/lib/generators/hello/views/views_generator.rb +9 -0
- data/lib/hello-rails.rb +1 -0
- data/lib/hello.rb +36 -0
- data/lib/hello/CHANGES.md +26 -0
- data/lib/hello/business.rb +47 -0
- data/lib/hello/business/authentication/sign_in.rb +92 -0
- data/lib/hello/business/authentication/sign_out.rb +8 -0
- data/lib/hello/business/authentication/sudo_mode_authentication.rb +25 -0
- data/lib/hello/business/authentication/sudo_mode_expiration.rb +17 -0
- data/lib/hello/business/base.rb +33 -0
- data/lib/hello/business/internationalization/update_locale.rb +33 -0
- data/lib/hello/business/management/add_email.rb +19 -0
- data/lib/hello/business/management/cancel_account.rb +22 -0
- data/lib/hello/business/management/confirm_email.rb +36 -0
- data/lib/hello/business/management/forgot_password.rb +47 -0
- data/lib/hello/business/management/remove_email.rb +19 -0
- data/lib/hello/business/management/reset_password.rb +34 -0
- data/lib/hello/business/management/send_confirmation_email.rb +40 -0
- data/lib/hello/business/management/unlink_access.rb +8 -0
- data/lib/hello/business/management/update_profile.rb +44 -0
- data/lib/hello/business/registration/sign_up.rb +159 -0
- data/lib/hello/configuration.rb +12 -0
- data/lib/hello/encryptors.rb +6 -0
- data/lib/hello/encryptors/complex.rb +25 -0
- data/lib/hello/encryptors/simple.rb +27 -0
- data/lib/hello/engine.rb +23 -0
- data/lib/hello/errors.rb +12 -0
- data/lib/hello/locales.rb +238 -0
- data/lib/hello/middleware.rb +13 -0
- data/lib/hello/rails_active_record.rb +10 -0
- data/lib/hello/rails_active_record/access.rb +65 -0
- data/lib/hello/rails_active_record/credential.rb +51 -0
- data/lib/hello/rails_active_record/email_credential.rb +60 -0
- data/lib/hello/rails_active_record/password_credential.rb +70 -0
- data/lib/hello/rails_active_record/user.rb +99 -0
- data/lib/hello/rails_controller.rb +124 -0
- data/lib/hello/rails_controller/restrict_by_role.rb +79 -0
- data/lib/hello/rails_helper.rb +35 -0
- data/lib/hello/request_manager.rb +14 -0
- data/lib/hello/request_manager/abstract.rb +77 -0
- data/lib/hello/request_manager/factory.rb +32 -0
- data/lib/hello/request_manager/stateful.rb +53 -0
- data/lib/hello/request_manager/stateful/finder.rb +58 -0
- data/lib/hello/request_manager/stateful/session_wrapper.rb +37 -0
- data/lib/hello/request_manager/stateless.rb +35 -0
- data/lib/hello/time_zones.rb +7 -0
- data/lib/hello/utils.rb +11 -0
- data/lib/hello/utils/device_name.rb +34 -0
- data/lib/hello/version.rb +4 -0
- data/lib/tasks/hello_tasks.rake +4 -0
- data/spec/bdd/hello/authentication/authorization/authorization_role_restriction_spec.rb +291 -0
- data/spec/bdd/hello/authentication/authorization/authorization_router_constraints_spec.rb +41 -0
- data/spec/bdd/hello/authentication/authorization/authorization_sensitive_restriction_spec.rb +84 -0
- data/spec/bdd/hello/authentication/authorization/bdd.yml +1 -0
- data/spec/bdd/hello/authentication/bdd.yml +1 -0
- data/spec/bdd/hello/authentication/classic_sign_in_spec.rb +264 -0
- data/spec/bdd/hello/authentication/manage_sessions_spec.rb +292 -0
- data/spec/bdd/hello/authentication/sign_out_spec.rb +159 -0
- data/spec/bdd/hello/bdd.yml +1 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_locale/bdd.yml +1 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_locale/change_locale_on_the_locale_page_spec.rb +90 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_locale/change_locale_on_the_profile_page_spec.rb +64 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_locale/change_locale_on_the_sign_in_form_spec.rb +31 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_locale/change_locale_on_the_sign_up_form_spec.rb +34 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_timezone/bdd.yml +1 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_timezone/change_timezone_on_the_profile_page_spec.rb +14 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_timezone/change_timezone_on_the_sign_in_form_spec.rb +14 -0
- data/spec/bdd/hello/internalionalization/anyone_can_change_their_timezone/change_timezone_on_the_sign_up_form_spec.rb +14 -0
- data/spec/bdd/hello/internalionalization/bdd.yml +1 -0
- data/spec/bdd/hello/management/bdd.yml +1 -0
- data/spec/bdd/hello/management/cancel_account_spec.rb +128 -0
- data/spec/bdd/hello/management/manage_email_credentials/bdd.yml +1 -0
- data/spec/bdd/hello/management/manage_email_credentials/manage_email_credentials_emails_api_spec.rb +7 -0
- data/spec/bdd/hello/management/manage_email_credentials/manage_email_credentials_emails_page_spec.rb +252 -0
- data/spec/bdd/hello/management/manage_password_credentials/bdd.yml +1 -0
- data/spec/bdd/hello/management/manage_password_credentials/manage_password_forgot_password_spec.rb +68 -0
- data/spec/bdd/hello/management/manage_password_credentials/manage_password_page_spec.rb +60 -0
- data/spec/bdd/hello/management/manage_password_credentials/manage_password_reset_password_spec.rb +145 -0
- data/spec/bdd/hello/management/manage_profile/bdd.yml +1 -0
- data/spec/bdd/hello/management/manage_profile/manage_profile_api_spec.rb +7 -0
- data/spec/bdd/hello/management/manage_profile/manage_profile_page_spec.rb +65 -0
- data/spec/bdd/hello/management/manage_social_credentials/bdd.yml +1 -0
- data/spec/bdd/hello/management/manage_social_credentials/manage_social_credentials_pending_spec.rb +7 -0
- data/spec/bdd/hello/management/unlink_sessions_spec.rb +59 -0
- data/spec/bdd/hello/other/bdd.yml +1 -0
- data/spec/bdd/hello/other/create_user_spec.rb +70 -0
- data/spec/bdd/hello/other/impersonate_user_spec.rb +58 -0
- data/spec/bdd/hello/other/list_users_spec.rb +86 -0
- data/spec/bdd/hello/registration/bdd.yml +1 -0
- data/spec/bdd/hello/registration/classic_sign_up_spec.rb +228 -0
- data/spec/bdd/hello/registration/onboarding_process_spec.rb +101 -0
- data/spec/bdd/hello/support.rb +62 -0
- data/spec/business/hello/authentication/sign_in_spec.rb +72 -0
- data/spec/business/hello/registration/sign_up_spec.rb +258 -0
- data/spec/controllers/authentication_spec.rb +97 -0
- data/spec/controllers/localization_spec.rb +65 -0
- data/spec/controllers/request_can_carry_an_access_token_spec.rb +223 -0
- data/spec/fixtures/hello/password_mailer/confirmation +3 -0
- data/spec/fixtures/hello/password_mailer/forgot +3 -0
- data/spec/fixtures/hello/password_mailer/sign_up +3 -0
- data/spec/mailers/hello/mailer_spec.rb +53 -0
- data/spec/models/access_spec.rb +19 -0
- data/spec/models/credential_spec.rb +9 -0
- data/spec/models/email_credential_spec.rb +163 -0
- data/spec/models/hello/sign_up_model_spec.rb +64 -0
- data/spec/models/password_credential_spec.rb +75 -0
- data/spec/models/user_spec.rb +93 -0
- data/spec/others/configuration_spec.rb +25 -0
- data/spec/others/encryptors/complex_spec.rb +26 -0
- data/spec/others/encryptors/simple_spec.rb +21 -0
- data/spec/others/helper_spec.rb +10 -0
- data/spec/others/localization_consistency_spec.rb +73 -0
- data/spec/requests/forgot_password_spec.rb +36 -0
- data/spec/requests/reset_password_spec.rb +7 -0
- data/spec/requests/security/user_spec.rb +19 -0
- data/spec/routing/hello/accesses_routing_spec.rb +17 -0
- data/spec/routing/hello/emails_routing_spec.rb +37 -0
- data/spec/routing/hello/locale_routing_spec.rb +17 -0
- data/spec/routing/hello/profile_routing_spec.rb +29 -0
- data/spec/routing/hello/registration_routing_spec.rb +23 -0
- data/spec/routing/hello/sign_out_routing_spec.rb +11 -0
- data/spec/routing/hello/sudo_mode_routing_spec.rb +23 -0
- data/spec/routing/hello/users_routing_spec.rb +15 -0
- data/spec/spec_helper.rb +9 -0
- data/spec/spec_helper/codeclimate.rb +2 -0
- data/spec/spec_helper/configure_rspec.rb +23 -0
- data/spec/spec_helper/create_database.rb +5 -0
- data/spec/spec_helper/dummy_and_test_dependencies.rb +17 -0
- data/spec/spec_helper/support.rb +1 -0
- data/spec/support/factories.rb +60 -0
- data/spec/support/feature_injection.rb +118 -0
- data/spec/support/features/feature_support_given.rb +46 -0
- data/spec/support/features/feature_support_then.rb +43 -0
- data/spec/support/helpers/aliases.rb +76 -0
- data/spec/support/helpers/configuration.rb +6 -0
- data/spec/support/helpers/current.rb +16 -0
- data/spec/support/helpers/expect.rb +61 -0
- data/spec/support/helpers/given.rb +49 -0
- data/spec/support/helpers/shortcuts.rb +24 -0
- data/spec/support/helpers/then.rb +29 -0
- data/spec/support/helpers/when.rb +108 -0
- data/spec/support/requests/request_support.rb +8 -0
- data/spec/utils/device_name_spec.rb +228 -0
- metadata +562 -11
@@ -0,0 +1,14 @@
|
|
1
|
+
module Hello
|
2
|
+
module RequestManager
|
3
|
+
|
4
|
+
def self.create(request)
|
5
|
+
Factory.new(request).create
|
6
|
+
end
|
7
|
+
|
8
|
+
autoload :Factory, 'hello/request_manager/factory'
|
9
|
+
autoload :Abstract, 'hello/request_manager/abstract'
|
10
|
+
autoload :Stateless, 'hello/request_manager/stateless'
|
11
|
+
autoload :Stateful, 'hello/request_manager/stateful'
|
12
|
+
|
13
|
+
end
|
14
|
+
end
|
@@ -0,0 +1,77 @@
|
|
1
|
+
module Hello
|
2
|
+
module RequestManager
|
3
|
+
class Abstract
|
4
|
+
def initialize(request)
|
5
|
+
@request = request
|
6
|
+
end
|
7
|
+
|
8
|
+
def clear_cache
|
9
|
+
@current_access = @current_accesses = nil
|
10
|
+
end
|
11
|
+
|
12
|
+
def signed_in?
|
13
|
+
!!current_user
|
14
|
+
end
|
15
|
+
|
16
|
+
def is_current_user?(user)
|
17
|
+
current_user == user
|
18
|
+
end
|
19
|
+
|
20
|
+
def is_current_access?(access)
|
21
|
+
current_access == access
|
22
|
+
end
|
23
|
+
|
24
|
+
def current_user
|
25
|
+
current_access && current_access.user
|
26
|
+
end
|
27
|
+
|
28
|
+
def current_accesses
|
29
|
+
fail NotImplementedError
|
30
|
+
end
|
31
|
+
|
32
|
+
def current_access
|
33
|
+
fail NotImplementedError
|
34
|
+
end
|
35
|
+
|
36
|
+
def stateful?
|
37
|
+
fail NotImplementedError
|
38
|
+
end
|
39
|
+
|
40
|
+
def sign_in!(user, expires_at = nil, sudo_expires_at = nil)
|
41
|
+
expires_at ||= 30.minutes.from_now
|
42
|
+
|
43
|
+
attrs = {
|
44
|
+
user: user,
|
45
|
+
user_agent_string: user_agent,
|
46
|
+
expires_at: expires_at,
|
47
|
+
ip: remote_ip
|
48
|
+
}
|
49
|
+
attrs[:sudo_expires_at] = sudo_expires_at if sudo_expires_at
|
50
|
+
::Access.create!(attrs)
|
51
|
+
end
|
52
|
+
|
53
|
+
def sign_out!(access = current_access)
|
54
|
+
access && access.destroy!
|
55
|
+
clear_cache
|
56
|
+
end
|
57
|
+
|
58
|
+
# protected
|
59
|
+
|
60
|
+
def user_agent
|
61
|
+
request.user_agent || 'blank_user_agent'
|
62
|
+
end
|
63
|
+
|
64
|
+
def remote_ip
|
65
|
+
request.remote_ip
|
66
|
+
end
|
67
|
+
|
68
|
+
def request
|
69
|
+
@request
|
70
|
+
end
|
71
|
+
|
72
|
+
def env
|
73
|
+
request.env
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
module Hello
|
2
|
+
module RequestManager
|
3
|
+
class Factory
|
4
|
+
|
5
|
+
def initialize(request)
|
6
|
+
@request = request
|
7
|
+
end
|
8
|
+
|
9
|
+
def create
|
10
|
+
klass.new(@request)
|
11
|
+
end
|
12
|
+
|
13
|
+
private
|
14
|
+
|
15
|
+
def klass
|
16
|
+
is_stateless? ? Stateless : Stateful
|
17
|
+
end
|
18
|
+
|
19
|
+
def is_stateless?
|
20
|
+
has_host_api? || has_url_api?
|
21
|
+
end
|
22
|
+
|
23
|
+
def has_host_api?
|
24
|
+
@request.host.starts_with?('api.')
|
25
|
+
end
|
26
|
+
|
27
|
+
def has_url_api?
|
28
|
+
@request.fullpath.starts_with?('/api/')
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,53 @@
|
|
1
|
+
module Hello
|
2
|
+
module RequestManager
|
3
|
+
class Stateful < Abstract
|
4
|
+
|
5
|
+
autoload :Finder, 'hello/request_manager/stateful/finder'
|
6
|
+
autoload :SessionWrapper, 'hello/request_manager/stateful/session_wrapper'
|
7
|
+
|
8
|
+
def initialize(*args)
|
9
|
+
super(*args)
|
10
|
+
@finder = Finder.new(self)
|
11
|
+
@session_wrapper = SessionWrapper.new(self)
|
12
|
+
end
|
13
|
+
|
14
|
+
delegate :session_token, :session_token=,
|
15
|
+
:session_tokens, :session_tokens=,
|
16
|
+
:refresh_session_tokens,
|
17
|
+
to: :@session_wrapper
|
18
|
+
|
19
|
+
def stateful?
|
20
|
+
true
|
21
|
+
end
|
22
|
+
|
23
|
+
# read
|
24
|
+
|
25
|
+
delegate :current_accesses, to: :@finder
|
26
|
+
|
27
|
+
def current_access
|
28
|
+
if session_token.presence
|
29
|
+
@current_access ||= current_accesses.find { |a| a.token == session_token }
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
# write
|
34
|
+
|
35
|
+
def sign_in!(*args)
|
36
|
+
super(*args).tap do |access|
|
37
|
+
self.session_token = access.token
|
38
|
+
session_tokens << access.token
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
# delete
|
43
|
+
|
44
|
+
def sign_out!(access = current_access)
|
45
|
+
self.session_token = session_tokens.first if is_current_access?(access)
|
46
|
+
|
47
|
+
super(access)
|
48
|
+
|
49
|
+
refresh_session_tokens
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
module Hello
|
2
|
+
module RequestManager
|
3
|
+
class Stateful < Abstract
|
4
|
+
class Finder
|
5
|
+
def initialize(manager)
|
6
|
+
@manager = manager
|
7
|
+
end
|
8
|
+
|
9
|
+
def current_accesses
|
10
|
+
@models || models
|
11
|
+
end
|
12
|
+
|
13
|
+
def models
|
14
|
+
gather_wanted_strings
|
15
|
+
gather_wanted_models
|
16
|
+
|
17
|
+
gather_valid_strings
|
18
|
+
ensure_consistency_accross_models_and_session
|
19
|
+
|
20
|
+
@models
|
21
|
+
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
def gather_wanted_strings
|
26
|
+
@wanted_strings = @manager.session_tokens
|
27
|
+
end
|
28
|
+
|
29
|
+
def gather_wanted_models
|
30
|
+
strings = @wanted_strings
|
31
|
+
|
32
|
+
# a small attempt to avoid a database call unless needed
|
33
|
+
case strings.size
|
34
|
+
when 0 then return @models = []
|
35
|
+
when 1 then strings = strings.first
|
36
|
+
end
|
37
|
+
|
38
|
+
# TODO:
|
39
|
+
# optimize this process since each string starts with the user_id,
|
40
|
+
# check StatelessRequestManager for example
|
41
|
+
|
42
|
+
@models = ::Access.where(token: strings)
|
43
|
+
end
|
44
|
+
|
45
|
+
def gather_valid_strings
|
46
|
+
@valid_strings = @models.map(&:active_token_or_destroy).map(&:presence).compact
|
47
|
+
end
|
48
|
+
|
49
|
+
def ensure_consistency_accross_models_and_session
|
50
|
+
if @wanted_strings != @valid_strings
|
51
|
+
@manager.session_tokens = @valid_strings
|
52
|
+
@models = @models.select { |a| @valid_strings.include?(a.token) }
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module Hello
|
2
|
+
module RequestManager
|
3
|
+
class Stateful < Abstract
|
4
|
+
class SessionWrapper
|
5
|
+
def initialize(manager)
|
6
|
+
@manager = manager
|
7
|
+
end
|
8
|
+
|
9
|
+
def session_tokens
|
10
|
+
session['tokens'] ||= []
|
11
|
+
end
|
12
|
+
|
13
|
+
def session_tokens=(v)
|
14
|
+
session['tokens'] = v
|
15
|
+
@manager.clear_cache
|
16
|
+
end
|
17
|
+
|
18
|
+
def session_token
|
19
|
+
session['token']
|
20
|
+
end
|
21
|
+
|
22
|
+
def session_token=(v)
|
23
|
+
session['token'] = v
|
24
|
+
@manager.clear_cache
|
25
|
+
end
|
26
|
+
|
27
|
+
def refresh_session_tokens
|
28
|
+
self.session_tokens = ::Access.where(token: session_tokens).pluck(:token)
|
29
|
+
end
|
30
|
+
|
31
|
+
def session
|
32
|
+
@manager.request.session
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
module Hello
|
2
|
+
module RequestManager
|
3
|
+
class Stateless < Abstract
|
4
|
+
def current_accesses
|
5
|
+
[]
|
6
|
+
end
|
7
|
+
|
8
|
+
def current_access
|
9
|
+
@current_access ||= begin
|
10
|
+
return nil unless string = param || header
|
11
|
+
return nil unless user_id = string.split('-').first
|
12
|
+
return nil unless user = ::User.find_by_id(user_id)
|
13
|
+
return nil unless model = user.accesses.find_by_token(string)
|
14
|
+
return nil unless model.active_token_or_destroy
|
15
|
+
|
16
|
+
model
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
def stateful?
|
21
|
+
false
|
22
|
+
end
|
23
|
+
|
24
|
+
private
|
25
|
+
|
26
|
+
def param
|
27
|
+
request.parameters['access_token']
|
28
|
+
end
|
29
|
+
|
30
|
+
def header
|
31
|
+
request.headers['HTTP_ACCESS_TOKEN']
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
data/lib/hello/utils.rb
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
require 'user_agent_parser'
|
2
|
+
|
3
|
+
module Hello
|
4
|
+
module Utils
|
5
|
+
class DeviceName
|
6
|
+
# https://github.com/toolmantim/user_agent_parser
|
7
|
+
# Instantiate the parser on load as it's quite expensive
|
8
|
+
include Singleton
|
9
|
+
|
10
|
+
def parse(user_agent_string)
|
11
|
+
obj = user_agent_parser.parse(user_agent_string)
|
12
|
+
a_browser = obj.to_s
|
13
|
+
a_os = obj.os.to_s
|
14
|
+
a_browser = "#{obj.name} #{obj.version && obj.version.major}".strip
|
15
|
+
a_os = "#{obj.os.name} #{obj.os.version && obj.os.version.major}".strip
|
16
|
+
a_device = obj.device.name
|
17
|
+
|
18
|
+
a_browser = a_browser.gsub('IE', 'Internet Explorer') if a_browser.start_with? 'IE'
|
19
|
+
|
20
|
+
if a_device == 'Other'
|
21
|
+
"#{a_os} - #{a_browser}"
|
22
|
+
elsif a_device == 'Spider'
|
23
|
+
"Spider: #{a_browser}"
|
24
|
+
else
|
25
|
+
"#{a_os} (#{a_device}) - #{a_browser}"
|
26
|
+
end.strip
|
27
|
+
end
|
28
|
+
|
29
|
+
def user_agent_parser
|
30
|
+
@uap = UserAgentParser::Parser.new
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,291 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
RSpec.bdd.uic "Role Restriction" do
|
4
|
+
|
5
|
+
|
6
|
+
|
7
|
+
def _then_allowed
|
8
|
+
Then "I should be allowed" do
|
9
|
+
expect_to_see "yes!"
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
def _then_redirect_to_root
|
14
|
+
Then "I should be taken home" do
|
15
|
+
expect(current_path).to eq '/'
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def _then_redirect_to_sign_in
|
20
|
+
Then "I should be taken to sign in" do
|
21
|
+
expect(current_path).to eq hello.sign_in_path
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def _then_redirect_to_onboarding
|
26
|
+
Then "I should be taken to onboarding" do
|
27
|
+
expect(current_path).to eq '/onboarding'
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
|
32
|
+
|
33
|
+
|
34
|
+
|
35
|
+
|
36
|
+
story "Guest Area" do
|
37
|
+
def _when_I_visit
|
38
|
+
When "I visit the Guest Area" do
|
39
|
+
visit '/my_areas/guest_page'
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
|
44
|
+
|
45
|
+
scenario "As a Guest" do
|
46
|
+
given_I_have_not_signed_in
|
47
|
+
_when_I_visit
|
48
|
+
_then_allowed
|
49
|
+
end
|
50
|
+
|
51
|
+
|
52
|
+
|
53
|
+
scenario "As an Onboarding" do
|
54
|
+
given_I_have_signed_in_as_an_onboarding
|
55
|
+
_when_I_visit
|
56
|
+
_then_redirect_to_onboarding
|
57
|
+
end
|
58
|
+
|
59
|
+
|
60
|
+
|
61
|
+
scenario "As a User" do
|
62
|
+
given_I_have_signed_in_as_a_user
|
63
|
+
_when_I_visit
|
64
|
+
_then_redirect_to_root
|
65
|
+
end
|
66
|
+
|
67
|
+
|
68
|
+
|
69
|
+
scenario "As a Webmaster" do
|
70
|
+
given_I_have_signed_in_as_a_webmaster
|
71
|
+
_when_I_visit
|
72
|
+
_then_redirect_to_root
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
|
77
|
+
|
78
|
+
story "Onboarding Area" do
|
79
|
+
|
80
|
+
def _when_I_visit
|
81
|
+
When "I visit the Onboarding Area" do
|
82
|
+
visit '/my_areas/onboarding_page'
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
|
87
|
+
|
88
|
+
scenario "As a Guest" do
|
89
|
+
given_I_have_not_signed_in
|
90
|
+
_when_I_visit
|
91
|
+
_then_redirect_to_sign_in
|
92
|
+
end
|
93
|
+
|
94
|
+
|
95
|
+
scenario "As an Onboarding" do
|
96
|
+
given_I_have_signed_in_as_an_onboarding
|
97
|
+
_when_I_visit
|
98
|
+
_then_allowed
|
99
|
+
end
|
100
|
+
|
101
|
+
|
102
|
+
scenario "As a User" do
|
103
|
+
given_I_have_signed_in_as_a_user
|
104
|
+
_when_I_visit
|
105
|
+
_then_redirect_to_root
|
106
|
+
end
|
107
|
+
|
108
|
+
|
109
|
+
scenario "As a Webmaster" do
|
110
|
+
given_I_have_signed_in_as_a_webmaster
|
111
|
+
_when_I_visit
|
112
|
+
_then_redirect_to_root
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
|
117
|
+
|
118
|
+
story "Authenticated Area" do
|
119
|
+
def _when_I_visit
|
120
|
+
When "I visit the Authenticated Area" do
|
121
|
+
visit '/my_areas/authenticated_page'
|
122
|
+
end
|
123
|
+
end
|
124
|
+
|
125
|
+
|
126
|
+
|
127
|
+
scenario "As a Guest" do
|
128
|
+
given_I_have_not_signed_in
|
129
|
+
_when_I_visit
|
130
|
+
_then_redirect_to_sign_in
|
131
|
+
end
|
132
|
+
|
133
|
+
|
134
|
+
|
135
|
+
scenario "As an Onboarding" do
|
136
|
+
given_I_have_signed_in_as_an_onboarding
|
137
|
+
_when_I_visit
|
138
|
+
_then_allowed
|
139
|
+
end
|
140
|
+
|
141
|
+
|
142
|
+
|
143
|
+
scenario "As a User" do
|
144
|
+
given_I_have_signed_in_as_a_user
|
145
|
+
_when_I_visit
|
146
|
+
_then_allowed
|
147
|
+
end
|
148
|
+
|
149
|
+
|
150
|
+
|
151
|
+
scenario "As a Webmaster" do
|
152
|
+
given_I_have_signed_in_as_a_webmaster
|
153
|
+
_when_I_visit
|
154
|
+
_then_allowed
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
|
159
|
+
|
160
|
+
story "User Area" do
|
161
|
+
def _when_I_visit
|
162
|
+
When "I visit the User Area" do
|
163
|
+
visit '/my_areas/user_page'
|
164
|
+
end
|
165
|
+
end
|
166
|
+
|
167
|
+
|
168
|
+
|
169
|
+
scenario "As a Guest" do
|
170
|
+
given_I_have_not_signed_in
|
171
|
+
_when_I_visit
|
172
|
+
_then_redirect_to_sign_in
|
173
|
+
end
|
174
|
+
|
175
|
+
|
176
|
+
|
177
|
+
scenario "As an Onboarding" do
|
178
|
+
given_I_have_signed_in_as_an_onboarding
|
179
|
+
_when_I_visit
|
180
|
+
_then_redirect_to_onboarding
|
181
|
+
end
|
182
|
+
|
183
|
+
|
184
|
+
|
185
|
+
scenario "As a User" do
|
186
|
+
given_I_have_signed_in_as_a_user
|
187
|
+
_when_I_visit
|
188
|
+
_then_allowed
|
189
|
+
end
|
190
|
+
|
191
|
+
|
192
|
+
|
193
|
+
scenario "As a Webmaster" do
|
194
|
+
given_I_have_signed_in_as_a_webmaster
|
195
|
+
_when_I_visit
|
196
|
+
_then_allowed
|
197
|
+
end
|
198
|
+
end
|
199
|
+
|
200
|
+
|
201
|
+
|
202
|
+
story "Webmaster Area" do
|
203
|
+
def _when_I_visit
|
204
|
+
When "I visit the Webmaster Area" do
|
205
|
+
visit '/my_areas/webmaster_page'
|
206
|
+
end
|
207
|
+
end
|
208
|
+
|
209
|
+
|
210
|
+
|
211
|
+
scenario "As a Guest" do
|
212
|
+
given_I_have_not_signed_in
|
213
|
+
_when_I_visit
|
214
|
+
_then_redirect_to_sign_in
|
215
|
+
end
|
216
|
+
|
217
|
+
|
218
|
+
|
219
|
+
scenario "As an Onboarding" do
|
220
|
+
given_I_have_signed_in_as_an_onboarding
|
221
|
+
_when_I_visit
|
222
|
+
_then_redirect_to_onboarding
|
223
|
+
end
|
224
|
+
|
225
|
+
|
226
|
+
|
227
|
+
scenario "As a User" do
|
228
|
+
given_I_have_signed_in_as_a_user
|
229
|
+
_when_I_visit
|
230
|
+
_then_redirect_to_root
|
231
|
+
end
|
232
|
+
|
233
|
+
|
234
|
+
|
235
|
+
scenario "As a Webmaster" do
|
236
|
+
given_I_have_signed_in_as_a_webmaster
|
237
|
+
_when_I_visit
|
238
|
+
_then_allowed
|
239
|
+
end
|
240
|
+
end
|
241
|
+
|
242
|
+
|
243
|
+
|
244
|
+
story "Non Webmaster Area" do
|
245
|
+
def _when_I_visit
|
246
|
+
When "I visit the Non Webmaster Area" do
|
247
|
+
visit '/my_areas/non_webmaster_page'
|
248
|
+
end
|
249
|
+
end
|
250
|
+
|
251
|
+
|
252
|
+
|
253
|
+
scenario "As a Guest" do
|
254
|
+
given_I_have_not_signed_in
|
255
|
+
_when_I_visit
|
256
|
+
_then_allowed
|
257
|
+
end
|
258
|
+
|
259
|
+
|
260
|
+
|
261
|
+
scenario "As an Onboarding" do
|
262
|
+
given_I_have_signed_in_as_an_onboarding
|
263
|
+
_when_I_visit
|
264
|
+
_then_allowed
|
265
|
+
end
|
266
|
+
|
267
|
+
|
268
|
+
|
269
|
+
scenario "As a User" do
|
270
|
+
given_I_have_signed_in_as_a_user
|
271
|
+
_when_I_visit
|
272
|
+
_then_allowed
|
273
|
+
end
|
274
|
+
|
275
|
+
|
276
|
+
|
277
|
+
scenario "As a Webmaster" do
|
278
|
+
given_I_have_signed_in_as_a_webmaster
|
279
|
+
_when_I_visit
|
280
|
+
_then_redirect_to_root
|
281
|
+
end
|
282
|
+
end
|
283
|
+
|
284
|
+
|
285
|
+
|
286
|
+
|
287
|
+
|
288
|
+
|
289
|
+
|
290
|
+
|
291
|
+
end
|