RubyGems - hello-rails - Versions diffs - 0.0.0 → 0.5.0 - Mend

hello-rails 0.0.0 → 0.5.0

Files changed (235) hide show

@@ -0,0 +1,14 @@
+module Hello
+  module RequestManager
+    def self.create(request)
+      Factory.new(request).create
+    end
+    autoload :Factory,   'hello/request_manager/factory'
+    autoload :Abstract,  'hello/request_manager/abstract'
+    autoload :Stateless, 'hello/request_manager/stateless'
+    autoload :Stateful,  'hello/request_manager/stateful'
+  end
+end

data/lib/hello/request_manager/abstract.rb ADDED

@@ -0,0 +1,77 @@
+module Hello
+  module RequestManager
+    class Abstract
+      def initialize(request)
+        @request = request
+      end
+      def clear_cache
+        @current_access = @current_accesses = nil
+      end
+      def signed_in?
+        !!current_user
+      end
+      def is_current_user?(user)
+        current_user == user
+      end
+      def is_current_access?(access)
+        current_access == access
+      end
+      def current_user
+        current_access && current_access.user
+      end
+      def current_accesses
+        fail NotImplementedError
+      end
+      def current_access
+        fail NotImplementedError
+      end
+      def stateful?
+        fail NotImplementedError
+      end
+      def sign_in!(user, expires_at = nil, sudo_expires_at = nil)
+        expires_at ||= 30.minutes.from_now
+        attrs = {
+          user:               user,
+          user_agent_string:  user_agent,
+          expires_at:         expires_at,
+          ip:                 remote_ip
+        }
+        attrs[:sudo_expires_at] = sudo_expires_at if sudo_expires_at
+        ::Access.create!(attrs)
+      end
+      def sign_out!(access = current_access)
+        access && access.destroy!
+        clear_cache
+      end
+      # protected
+      def user_agent
+        request.user_agent || 'blank_user_agent'
+      end
+      def remote_ip
+        request.remote_ip
+      end
+      def request
+        @request
+      end
+      def env
+        request.env
+      end
+    end
+  end
+end

data/lib/hello/request_manager/factory.rb ADDED

@@ -0,0 +1,32 @@
+module Hello
+  module RequestManager
+    class Factory
+      def initialize(request)
+        @request = request
+      end
+      def create
+        klass.new(@request)
+      end
+      private
+      def klass
+        is_stateless? ? Stateless : Stateful
+      end
+      def is_stateless?
+        has_host_api? || has_url_api?
+      end
+      def has_host_api?
+        @request.host.starts_with?('api.')
+      end
+      def has_url_api?
+        @request.fullpath.starts_with?('/api/')
+      end
+    end
+  end
+end

data/lib/hello/request_manager/stateful.rb ADDED

@@ -0,0 +1,53 @@
+module Hello
+  module RequestManager
+    class Stateful < Abstract
+      autoload :Finder, 'hello/request_manager/stateful/finder'
+      autoload :SessionWrapper, 'hello/request_manager/stateful/session_wrapper'
+      def initialize(*args)
+        super(*args)
+        @finder          = Finder.new(self)
+        @session_wrapper = SessionWrapper.new(self)
+      end
+      delegate :session_token,  :session_token=,
+               :session_tokens, :session_tokens=,
+               :refresh_session_tokens,
+               to: :@session_wrapper
+      def stateful?
+        true
+      end
+      # read
+      delegate :current_accesses, to: :@finder
+      def current_access
+        if session_token.presence
+          @current_access ||= current_accesses.find { |a| a.token == session_token }
+        end
+      end
+      # write
+      def sign_in!(*args)
+        super(*args).tap do |access|
+          self.session_token = access.token
+          session_tokens << access.token
+        end
+      end
+      # delete
+      def sign_out!(access = current_access)
+        self.session_token = session_tokens.first if is_current_access?(access)
+        super(access)
+        refresh_session_tokens
+      end
+    end
+  end
+end

data/lib/hello/request_manager/stateful/finder.rb ADDED

@@ -0,0 +1,58 @@
+module Hello
+  module RequestManager
+    class Stateful < Abstract
+      class Finder
+        def initialize(manager)
+          @manager = manager
+        end
+        def current_accesses
+          @models || models
+        end
+        def models
+          gather_wanted_strings
+          gather_wanted_models
+          gather_valid_strings
+          ensure_consistency_accross_models_and_session
+          @models
+        end
+        private
+        def gather_wanted_strings
+          @wanted_strings = @manager.session_tokens
+        end
+        def gather_wanted_models
+          strings = @wanted_strings
+          # a small attempt to avoid a database call unless needed
+          case strings.size
+          when 0 then return @models = []
+          when 1 then strings = strings.first
+          end
+          # TODO:
+          # optimize this process since each string starts with the user_id,
+          # check StatelessRequestManager for example
+          @models = ::Access.where(token: strings)
+        end
+        def gather_valid_strings
+          @valid_strings = @models.map(&:active_token_or_destroy).map(&:presence).compact
+        end
+        def ensure_consistency_accross_models_and_session
+          if @wanted_strings != @valid_strings
+            @manager.session_tokens = @valid_strings
+            @models = @models.select { |a| @valid_strings.include?(a.token) }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/hello/request_manager/stateful/session_wrapper.rb ADDED

@@ -0,0 +1,37 @@
+module Hello
+  module RequestManager
+    class Stateful < Abstract
+      class SessionWrapper
+        def initialize(manager)
+          @manager = manager
+        end
+        def session_tokens
+          session['tokens'] ||= []
+        end
+        def session_tokens=(v)
+          session['tokens'] = v
+          @manager.clear_cache
+        end
+        def session_token
+          session['token']
+        end
+        def session_token=(v)
+          session['token'] = v
+          @manager.clear_cache
+        end
+        def refresh_session_tokens
+          self.session_tokens = ::Access.where(token: session_tokens).pluck(:token)
+        end
+        def session
+          @manager.request.session
+        end
+      end
+    end
+  end
+end

data/lib/hello/request_manager/stateless.rb ADDED

@@ -0,0 +1,35 @@
+module Hello
+  module RequestManager
+    class Stateless < Abstract
+      def current_accesses
+        []
+      end
+      def current_access
+        @current_access ||= begin
+          return nil unless string  = param || header
+          return nil unless user_id = string.split('-').first
+          return nil unless user    = ::User.find_by_id(user_id)
+          return nil unless model   = user.accesses.find_by_token(string)
+          return nil unless model.active_token_or_destroy
+          model
+        end
+      end
+      def stateful?
+        false
+      end
+      private
+      def param
+        request.parameters['access_token']
+      end
+      def header
+        request.headers['HTTP_ACCESS_TOKEN']
+      end
+    end
+  end
+end

data/lib/hello/time_zones.rb ADDED

@@ -0,0 +1,7 @@
+module Hello
+  module TimeZones
+    def self.all
+      ActiveSupport::TimeZone.send(:zones_map).values.map(&:name)
+    end
+  end
+end

data/lib/hello/utils.rb ADDED

@@ -0,0 +1,11 @@
+module Hello
+  module Utils
+    autoload :DeviceName, 'hello/utils/device_name'
+    def self.trailing_options(args)
+      options = args.last.is_a?(Hash) ? args.pop : {}
+      [options, args]
+    end
+  end
+end

data/lib/hello/utils/device_name.rb ADDED

@@ -0,0 +1,34 @@
+require 'user_agent_parser'
+module Hello
+  module Utils
+    class DeviceName
+      # https://github.com/toolmantim/user_agent_parser
+      # Instantiate the parser on load as it's quite expensive
+      include Singleton
+      def parse(user_agent_string)
+        obj = user_agent_parser.parse(user_agent_string)
+        a_browser = obj.to_s
+        a_os = obj.os.to_s
+        a_browser = "#{obj.name} #{obj.version && obj.version.major}".strip
+        a_os = "#{obj.os.name} #{obj.os.version && obj.os.version.major}".strip
+        a_device = obj.device.name
+        a_browser = a_browser.gsub('IE', 'Internet Explorer') if a_browser.start_with? 'IE'
+        if a_device == 'Other'
+          "#{a_os} - #{a_browser}"
+        elsif a_device == 'Spider'
+          "Spider: #{a_browser}"
+        else
+          "#{a_os} (#{a_device}) - #{a_browser}"
+        end.strip
+      end
+      def user_agent_parser
+        @uap = UserAgentParser::Parser.new
+      end
+    end
+  end
+end

data/lib/hello/version.rb ADDED

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+module Hello
+  VERSION = '0.5.0'.freeze
+end

data/lib/tasks/hello_tasks.rake ADDED

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :hello do
+#   # Task goes here
+# end

data/spec/bdd/hello/authentication/authorization/authorization_role_restriction_spec.rb ADDED

@@ -0,0 +1,291 @@
+require 'spec_helper'
+RSpec.bdd.uic "Role Restriction" do
+  def _then_allowed
+    Then "I should be allowed" do
+      expect_to_see "yes!"
+    end
+  end
+  def _then_redirect_to_root
+    Then "I should be taken home" do
+      expect(current_path).to eq '/'
+    end
+  end
+  def _then_redirect_to_sign_in
+    Then "I should be taken to sign in" do
+      expect(current_path).to eq hello.sign_in_path
+    end
+  end
+  def _then_redirect_to_onboarding
+    Then "I should be taken to onboarding" do
+      expect(current_path).to eq '/onboarding'
+    end
+  end
+  story "Guest Area" do
+    def _when_I_visit
+      When "I visit the Guest Area" do
+        visit '/my_areas/guest_page'
+      end
+    end
+    scenario "As a Guest" do
+      given_I_have_not_signed_in
+      _when_I_visit
+      _then_allowed
+    end
+    scenario "As an Onboarding" do
+      given_I_have_signed_in_as_an_onboarding
+      _when_I_visit
+      _then_redirect_to_onboarding
+    end
+    scenario "As a User" do
+      given_I_have_signed_in_as_a_user
+      _when_I_visit
+      _then_redirect_to_root
+    end
+    scenario "As a Webmaster" do
+      given_I_have_signed_in_as_a_webmaster
+      _when_I_visit
+      _then_redirect_to_root
+    end
+  end
+  story "Onboarding Area" do
+    def _when_I_visit
+      When "I visit the Onboarding Area" do
+        visit '/my_areas/onboarding_page'
+      end
+    end
+    scenario "As a Guest" do
+      given_I_have_not_signed_in
+      _when_I_visit
+      _then_redirect_to_sign_in
+    end
+    scenario "As an Onboarding" do
+      given_I_have_signed_in_as_an_onboarding
+      _when_I_visit
+      _then_allowed
+    end
+    scenario "As a User" do
+      given_I_have_signed_in_as_a_user
+      _when_I_visit
+      _then_redirect_to_root
+    end
+    scenario "As a Webmaster" do
+      given_I_have_signed_in_as_a_webmaster
+      _when_I_visit
+      _then_redirect_to_root
+    end
+  end
+  story "Authenticated Area" do
+    def _when_I_visit
+      When "I visit the Authenticated Area" do
+        visit '/my_areas/authenticated_page'
+      end
+    end
+    scenario "As a Guest" do
+      given_I_have_not_signed_in
+      _when_I_visit
+      _then_redirect_to_sign_in
+    end
+    scenario "As an Onboarding" do
+      given_I_have_signed_in_as_an_onboarding
+      _when_I_visit
+      _then_allowed
+    end
+    scenario "As a User" do
+      given_I_have_signed_in_as_a_user
+      _when_I_visit
+      _then_allowed
+    end
+    scenario "As a Webmaster" do
+      given_I_have_signed_in_as_a_webmaster
+      _when_I_visit
+      _then_allowed
+    end
+  end
+  story "User Area" do
+    def _when_I_visit
+      When "I visit the User Area" do
+        visit '/my_areas/user_page'
+      end
+    end
+    scenario "As a Guest" do
+      given_I_have_not_signed_in
+      _when_I_visit
+      _then_redirect_to_sign_in
+    end
+    scenario "As an Onboarding" do
+      given_I_have_signed_in_as_an_onboarding
+      _when_I_visit
+      _then_redirect_to_onboarding
+    end
+    scenario "As a User" do
+      given_I_have_signed_in_as_a_user
+      _when_I_visit
+      _then_allowed
+    end
+    scenario "As a Webmaster" do
+      given_I_have_signed_in_as_a_webmaster
+      _when_I_visit
+      _then_allowed
+    end
+  end
+  story "Webmaster Area" do
+    def _when_I_visit
+      When "I visit the Webmaster Area" do
+        visit '/my_areas/webmaster_page'
+      end
+    end
+    scenario "As a Guest" do
+      given_I_have_not_signed_in
+      _when_I_visit
+      _then_redirect_to_sign_in
+    end
+    scenario "As an Onboarding" do
+      given_I_have_signed_in_as_an_onboarding
+      _when_I_visit
+      _then_redirect_to_onboarding
+    end
+    scenario "As a User" do
+      given_I_have_signed_in_as_a_user
+      _when_I_visit
+      _then_redirect_to_root
+    end
+    scenario "As a Webmaster" do
+      given_I_have_signed_in_as_a_webmaster
+      _when_I_visit
+      _then_allowed
+    end
+  end
+  story "Non Webmaster Area" do
+    def _when_I_visit
+      When "I visit the Non Webmaster Area" do
+        visit '/my_areas/non_webmaster_page'
+      end
+    end
+    scenario "As a Guest" do
+      given_I_have_not_signed_in
+      _when_I_visit
+      _then_allowed
+    end
+    scenario "As an Onboarding" do
+      given_I_have_signed_in_as_an_onboarding
+      _when_I_visit
+      _then_allowed
+    end
+    scenario "As a User" do
+      given_I_have_signed_in_as_a_user
+      _when_I_visit
+      _then_allowed
+    end
+    scenario "As a Webmaster" do
+      given_I_have_signed_in_as_a_webmaster
+      _when_I_visit
+      _then_redirect_to_root
+    end
+  end
+end