ishapi 0.1.8.133 → 0.1.8.138

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 214eb06a86cd16e99e941a3c22331117b6fde6f617d21149b26584718e81535b
-  data.tar.gz: 21b011a4ca8f9daf09753bb6ca3df95c5f8b536d321b586b9b193bcf65c03546
+  metadata.gz: 484a021badac24fd7cc60e51878246515d9f5a7c0061bc03a530161a9ca52be5
+  data.tar.gz: 69fba225c87c16878d240c94956616cfab4ef3e1a8f3f3214435c2683fa796df
 SHA512:
-  metadata.gz: 4bbfa9c73cb0e80eb74a7c52c2e40f120239445caabb62c153b65c21fe77258f088b289b18eab506b8a0a759ae913edae63c6561fbca2464b869ced7176a98a7
-  data.tar.gz: 3c62e845e6ec976248c8c94cd34b4bc87a370548319b8b2459560e0ed610c369ceac97e00dc5f76bb9c9805ba2d1c238b43897fd74c4a01e9722e6832694b8ee
+  metadata.gz: 97b91683c848f49d69fb0df659923dbea16d45c0fcbe0f5ef30b8b48e70f7b59783ae6fd6097cba14e0942c98d789bad17f1dc752c231525ef8dda79b3620b3a
+  data.tar.gz: 475504a104554c49b03c937148daf096ae043381bee59d5d9b2baae2e2847f32e432593c63d85849af497d27b3d4ca69937665e422a785b0e0849db608672e79

data/README.md

@@ -1,12 +1,19 @@
 
 # Develop
 
+-=----- 20201228
+
+Expects params[:jwtToken]
+no... expects params[:accessToken]
+somehow expects params[:jwt_token] ?
+
 # Test
 
  cd test/dummy
  be rspec spec
 
 # Install
+
  bundle
  gem build ishapi.gemspec
 

data/app/controllers/ishapi/application_controller.rb

@@ -5,40 +5,42 @@ module Ishapi
     protect_from_forgery :prepend => true, :with => :exception
     layout :false
 
-    # before_action :check_profile, except: [ :test ]
-    before_action :set_current_ability
-
-    check_authorization
+    check_authorization except: [ :long_term_token ]
     skip_before_action :verify_authenticity_token
 
     def test
     end
 
     def long_term_token
-      authorize! :long_term_token, ::Ishapi
-
       accessToken   = request.headers[:accessToken]
       accessToken ||= params[:accessToken]
 
       params['domain'] = 'tgm.piousbox.com'
 
-      response = HTTParty.get "https://graph.facebook.com/v5.0/oauth/access_token?grant_type=fb_exchange_token&" +
+      response = ::HTTParty.get "https://graph.facebook.com/v5.0/oauth/access_token?grant_type=fb_exchange_token&" +
         "client_id=#{FB[params['domain']][:app]}&client_secret=#{FB[params['domain']][:secret]}&" +
         "fb_exchange_token=#{accessToken}"
       j = JSON.parse response.body
-      puts! j, 'fb response'
-      @long_term_token = j['access_token']
-
-      # get user email
+      @long_term_token  = j['access_token']
       @graph            = Koala::Facebook::API.new( accessToken )
       @me               = @graph.get_object( 'me', :fields => 'email' )
       @current_user     = User.where( :email => @me['email'] ).first
-      @profile          = @current_user.profile
 
       # send the jwt to client
-      @jwt_token = encode(user_id: @current_user.id)
+      @jwt_token = encode(user_id: @current_user.id.to_s)
+
+      render json: {
+        email: @current_user.email,
+        jwt_token: @jwt_token,
+        long_term_token: @long_term_token,
+        n_unlocks: @current_user.profile.n_unlocks,
+      }
+    end
 
-      render json: { long_term_token: @long_term_token, jwt_token: @jwt_token }
+    def home
+      authorize! :welcome_home, Ishapi
+      render :json => { :status => :ok, :message => 'Ishapi::ApiController.home',
+                        :n_reports => Report.count, :n_cities => City.count }
     end
 
     #
@@ -70,10 +72,10 @@ module Ishapi
         end
       end
     end
+
     ## Does not crap out if accessToken is missing
     def soft_check_long_term_token
       check_long_term_token soft=true
-      # puts! @profile, 'soft_check_long_term_token() profile'
     end
 
     def check_multiprofile provider = 'google'
@@ -128,25 +130,36 @@ module Ishapi
           @current_user     = current_user  if Rails.env.test?
         end
 
-        puts! @current_user, 'current_user'
-        puts! @current_profile, 'current_profile'
-
       elsif 'jwt' == provider
         decoded = decode(params[:jwt_token])
-        puts! decoded, 'decoded'
-        @current_user = User.find decoded[:user_id]
-
+        @current_user = User.find decoded['user_id']
       else
         puts! 'check_multiprofile(): no access token'
         raise "ww1 - not implemented"
       end
 
+      # @TODO: refactor [ref-5]
       sign_in @current_user, scope: :user
-      set_current_ability
+      current_ability
+    end
+
+
+
+    # same as check_profile but doesn't error out when jwt_token is missing or expired
+    def check_profile_optionally
+      if !params[:jwt_token]
+        @current_user = User.new profile: Profile.new
+      else
+        begin
+          check_profile
+        rescue JWT::ExpiredSignature
+          Rails.logger.info("JWT::ExpiredSignature")
+          @current_user = User.new profile: Profile.new
+        end
+      end
     end
 
     # this doesn't generate long-lived token, doesn't update user_profile
-    # this is only for facebook now
     def check_profile
       puts! params, 'params'
 
@@ -154,10 +167,6 @@ module Ishapi
       # return check_multiprofile 'facebook'
       return check_multiprofile 'jwt'
 
-      # puts! params, 'params'
-      # puts! current_user, 'current_user'
-      # puts! @current_user, '@current_user'
-
       accessToken   = request.headers[:accessToken]
       accessToken ||= params[:fb_long_access_token]
       accessToken ||= params[:accessToken]
@@ -229,10 +238,9 @@ module Ishapi
       return token # ['access_token']
     end
 
-    def set_current_ability
-      # puts! current_user.email, '#set_current_ability() :: @current_user'
+    def current_ability
       @current_user ||= User.new({ profile: ::IshModels::UserProfile.new })
-      @current_ability ||= ::Ishapi::Ability.new( @current_user )
+      @current_ability ||= Ishapi::Ability.new( @current_user )
     end
 
     def puts! a, b=''
@@ -240,6 +248,19 @@ module Ishapi
       puts a.inspect
     end
 
+    # jwt
+    def check_jwt
+      begin
+        decoded = decode(params[:jwt_token])
+        puts! decoded, 'decoded'
+        @current_user = User.find decoded['user_id']
+      rescue JWT::ExpiredSignature
+        Rails.logger.info("JWT::ExpiredSignature")
+        @current_user = User.new
+      end
+      current_ability
+    end
+
     # jwt
     def encode(payload, exp = 2.hours.from_now)
       payload[:exp] = exp.to_i

data/app/controllers/ishapi/galleries_controller.rb

@@ -3,7 +3,8 @@ require_dependency "ishapi/application_controller"
 module Ishapi
   class GalleriesController < ApplicationController
 
-    before_action :soft_check_long_term_token, only: [ :show ]
+    # before_action :soft_check_long_term_token, only: [ :show ]
+    before_action :check_jwt
 
     def index
       @galleries = Gallery.all

data/app/controllers/ishapi/gameui_controller.rb

@@ -21,7 +21,7 @@ module Ishapi
         :amount => params[:amount],
         :currency => 'usd',
         :source => params[:stripeToken],
-        :destination => { 
+        :destination => {
           :account => acct,
         }
       )
@@ -46,7 +46,7 @@ module Ishapi
     def do_purchase
       authorize! :do_purchase, ::Gameui
       item = params[:className].constantize.find_by_slug( params[:slug] )
-      
+
       raise 'no such item'     if !item
       raise 'too little funds' if @profile.n_stars < item.premium_tier
 

data/app/controllers/ishapi/my/galleries_controller.rb

@@ -0,0 +1,12 @@
+
+class Ishapi::My::GalleriesController < Ishapi::My::MyController
+
+  ## expects params[:jwt_token]
+  def index
+    authorize! :my_index, Gallery
+    @galleries = @current_user.profile.galleries.unscoped.where( is_trash: false ).order_by( created_at: :desc ).limit(20)
+    render 'ishapi/galleries/index'
+  end
+
+end
+

data/app/controllers/ishapi/my/my_controller.rb

@@ -4,15 +4,18 @@ module Ishapi
     class MyController < Ishapi::ApplicationController
 
       # before_action :set_profile # this is DoS on FB - disabled
-      before_action :do_login
+      # before_action :do_login
+      before_action :check_profile
+
+      def account
+        @profile = current_user.profile
+        authorize! :show, @profile
+      end
 
       private
 
       def do_login
-        puts! params, 'params'
-
         token = decode(params[:jwtToken])
-        puts! token, 'token'
         @current_user = User.find(token["user_id"])
       end
 

data/app/controllers/ishapi/payments_controller.rb

@@ -2,6 +2,12 @@ require_dependency "ishapi/application_controller"
 module Ishapi
   class PaymentsController < ApplicationController
 
+    before_action :check_profile, only: %i| create2 unlock |
+
+    ##
+    ## this is for invoices on wasya.co, isn't it?
+    ## 20200712
+    ##
     def create
       authorize! :open_permission, ::Ishapi
       begin
@@ -18,11 +24,10 @@ module Ishapi
           :amount => amount_cents,
           :currency => 'usd',
           :source => params[:token][:id],
-          :destination => { 
+          :destination => {
             :account => acct,
           }
         )
-        # puts! charge, 'charge'
 
         payment.charge = JSON.parse( charge.to_json )
         if payment.save
@@ -36,6 +41,73 @@ module Ishapi
       end
     end
 
+    ## This is for guyd _vp_ 20200721
+    def create2
+      authorize! :create, ::Ish::Payment
+
+      begin
+        amount_cents  = 503 # @TODO: change
+
+        ::Stripe.api_key = STRIPE_SK
+        intent = Stripe::PaymentIntent.create({
+          amount: amount_cents,
+          currency: 'usd',
+          metadata: { integration_check: "accept_a_payment" },
+        })
+
+        payment = Ish::Payment.create!(
+          client_secret: intent.client_secret,
+          email: @current_user.email,
+          payment_intent_id: intent.id,
+          profile_id: @current_user.profile.id )
+
+        render json: { client_secret: intent.client_secret }
+      rescue Mongoid::Errors::DocumentNotFound => e
+        puts! e, 'e'
+        render :status => 404, :json => e
+      end
+    end
+
+    ## webhook
+    def stripe_confirm
+      authorize! :open_permission, ::Ishapi
+      payload = request.body.read
+      event = nil
+      begin
+        event = Stripe::Event.construct_from(JSON.parse(payload, symbolize_names: true))
+      rescue StandardError => e
+        puts! e, 'e'
+        render status: 400, json: { status: :not_ok }
+        return
+      end
+
+      payment_intent = event.data.object
+
+      payment = Ish::Payment.where( payment_intent_id: payment_intent.id ).first
+      if payment && payment_intent['status'] == 'succeeded'
+        payment.update_attributes( status: :confirmed )
+        payment.profile.update_attributes!( n_unlocks: payment.profile.n_unlocks + 5 )
+      end
+
+      render status: 200, json: { status: :ok }
+    end
+
+    def unlock
+      authorize! :unlock, ::Ish::Payment
+      item = Object::const_get(params['kind']).find params['id']
+
+      existing = Purchase.where( user_profile: @current_user.profile, item: item ).first
+      if existing
+        render status: 200, json: { status: :ok, message: 'already purchased' }
+        return
+      end
+
+      @current_user.profile.update_attributes n_unlocks: @current_user.profile.n_unlocks - 1 # @TODO: the number is variable
+      purchase = ::Gameui::PremiumPurchase.create!( item: item, user_profile: @current_user.profile, )
+
+      render status: 200, json: { status: :ok }
+    end
+
   end
 end
 

data/app/controllers/ishapi/sites_controller.rb

@@ -3,6 +3,8 @@ require_dependency "ishapi/application_controller"
 module Ishapi
   class SitesController < ApplicationController
 
+    before_action :check_profile_optionally, only: %i| show |
+
     def index
       authorize! :index, ::Site
       @sites = ::Site.all
@@ -14,10 +16,9 @@ module Ishapi
       else
         domain = params[:domain]
       end
-      @site = ::Site.find_by :domain => domain, :lang => :en
+      @site = ::Site.find_by(domain: domain, lang: :en)
       authorize! :show, @site
 
-
       if @site.is_private
         if !params[:accessToken]
           render :json => { :status => :unauthorized}, :status => :unauthorized

data/app/controllers/ishapi/user_profiles_controller.rb

@@ -9,12 +9,5 @@ module Ishapi
       authorize! :show, @profile
     end
 
-    def my
-      puts! params, 'params 233'
-
-      @profile = current_user.profile
-      authorize! :show, @profile
-    end
-
   end
 end

data/app/models/ishapi/ability.rb

@@ -3,7 +3,6 @@ class Ishapi::Ability
   include ::CanCan::Ability
 
   def initialize user
-
     #
     # signed in user
     #
@@ -13,15 +12,18 @@ class Ishapi::Ability
         can :manage, :all
       end
 
+      can [ :update ], ::CoTailors::Address do |address|
+        puts [ user.inspect, address.inspect ], '+++ user in cancancan'
+        true
+      end
+
+      can [ :my_index ], Gallery
       can [ :show ], Gallery do |gallery|
         gallery.user_profile == user.profile
       end
       can [ :do_purchase ], ::Gameui
 
-      can [ :update ], ::CoTailors::Address do |address|
-        puts [ user.inspect, address.inspect ], '+++ user in cancancan'
-        true
-      end
+      can [ :create, :unlock ], ::Ish::Payment
 
       can [ :buy_stars ], ::IshModels::UserProfile
 
@@ -42,6 +44,11 @@ class Ishapi::Ability
 
     can [ :index, :show ], Event
 
+    #
+    # Ish::P
+    #
+
+
     #
     # G
     #

data/app/views/ishapi/galleries/index.jbuilder

@@ -11,7 +11,7 @@ json.array! @galleries do |gallery|
   json.subhead     gallery.subhead
   json.username    gallery.user_profile.name
   json.cityname    gallery.city.name    if gallery.city
-  json.tagname     gallery.tag.name_seo if gallery.tag
+  json.tag_names   gallery.tags.map &:name_seo
   json.venuename   gallery.venue.name   if gallery.venue
   json.partial! 'ishapi/photos/index', :photos => gallery.photos
 end

data/app/views/ishapi/{user_profiles/my.jbuilder → my/my/account.jbuilder}

@@ -8,6 +8,8 @@ json.n_galleries @profile.galleries.count
 json.n_videos    @profile.videos.count
 json.n_stars     @profile.n_stars
 
+json.n_unlocks @profile.n_unlocks
+
 if @profile.current_city
   json.current_city @profile.current_city
 end

data/app/views/ishapi/newsitems/_index.jbuilder

@@ -10,7 +10,7 @@ json.newsitems do
     json.name        item.name
     json.created_at  item.created_at
     json.updated_at  item.updated_at
-    
+
     if item.gallery
       json.item_type    'gallery'
       json.name         item.gallery.name
@@ -39,7 +39,7 @@ json.newsitems do
       json.username   item.report.user_profile.name if item.report.user_profile
 
       if item.report.photo
-        json.photo_s169_url item.report.photo.photo.url( :s169 ) 
+        json.photo_s169_url item.report.photo.photo.url( :s169 )
         json.photo_thumb2_url item.report.photo.photo.url( :thumb2 )
       end
 
@@ -51,7 +51,7 @@ json.newsitems do
         json.is_purchased current_user.profile.has_premium_purchase( item.report )
       end
     end
-    
+
     if item.video_id
       json.partial! 'ishapi/videos/show', :video => Video.unscoped.find( item.video_id )
     end
@@ -60,6 +60,6 @@ json.newsitems do
       json.item_type 'photo'
       json.partial! 'ishapi/photos/index', :photos => [ item.photo ]
     end
-    
+
   end
 end

data/app/views/ishapi/sites/show.jbuilder

@@ -1,4 +1,4 @@
- 
+
 #
 # ishapi / sites / show
 #
@@ -22,7 +22,7 @@ json.cache! key do
   json.partial! 'ishapi/newsitems/index', :newsitems => @newsitems,     :resource => @site
   json.partial! 'ishapi/reports/index',   :reports   => @reports,       :resource => @site
   json.partial! 'ishapi/videos/index',    :videos    => @site.videos
-  
+
   json.feature_tags do
     json.array! @feature_tags do |feature_tag|
       json.partial! 'ishapi/tags/widget', :tag => feature_tag

data/config/routes.rb

@@ -1,6 +1,6 @@
 Ishapi::Engine.routes.draw do
-  root :to => 'api#home'
-  post 'home', :to => 'api#home'
+  root :to => 'application#home'
+  post 'home', :to => 'application#home'
 
   resources :addresses
 
@@ -15,8 +15,6 @@ Ishapi::Engine.routes.draw do
   namespace :co_tailors do
   end
 
-  post 'do_purchase', to: 'gameui#do_purchase'
-
   get 'events/view/:eventname',      :to => 'events#show'
 
   get  'galleries',                   :to => 'galleries#index'
@@ -29,17 +27,21 @@ Ishapi::Engine.routes.draw do
   get 'maps', to: 'maps#index'
   get 'maps/view/:slug', to: 'maps#show'
   get 'markers/view/:slug', to: 'maps#show_marker'
-
-  get 'my/newsitems', to: 'newsitems#index'
-  get 'my/account',   to: 'user_profiles#my'
+  get "/my/account", to: "my/my#account"
   namespace :my do
-    # post 'reports', :to => 'reports#index'
-    get  'reports', :to => 'reports#index'
-    get 'videos', to: 'videos#index'
-    post 'videos', to: 'videos#index'
+    get 'galleries', to: 'galleries#index'
+    get 'newsitems', to: 'newsitems#index'
+    get  'reports',  to: 'reports#index'
+    get  'videos',   to: 'videos#index'
+    post 'videos',   to: 'videos#index'
   end
 
+  post 'do_purchase', to: 'gameui#do_purchase' # @TODO: rename to just purchase, or destroy endpoint
   post 'payments', :to => 'payments#create'
+  post 'payments2', :to => 'payments#create2' # @TODO: change
+  get  'payments2', to: 'payments#create2'
+  post 'payments/unlock', to: 'payments#unlock' # do_purchase
+  post  'stripe_confirm', to: 'payments#stripe_confirm' # @TODO: test-drive
 
   get 'profiles/view/:username', :to => 'user_profiles#show'
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ishapi
 version: !ruby/object:Gem::Version
-  version: 0.1.8.133
+  version: 0.1.8.138
 platform: ruby
 authors:
 - piousbox
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-04 00:00:00.000000000 Z
+date: 2021-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -195,7 +195,6 @@ files:
 - app/assets/stylesheets/ishapi/articles.css
 - app/assets/stylesheets/scaffold.css
 - app/controllers/ishapi/addresses_controller.rb
-- app/controllers/ishapi/api_controller.rb
 - app/controllers/ishapi/application_controller.rb
 - app/controllers/ishapi/articles_controller.rb
 - app/controllers/ishapi/cities_controller.rb
@@ -205,6 +204,7 @@ files:
 - app/controllers/ishapi/invoices_controller.rb
 - app/controllers/ishapi/maps_controller.rb
 - app/controllers/ishapi/measurements_controller.rb
+- app/controllers/ishapi/my/galleries_controller.rb
 - app/controllers/ishapi/my/my_controller.rb
 - app/controllers/ishapi/my/reports_controller.rb
 - app/controllers/ishapi/my/videos_controller.rb
@@ -249,6 +249,7 @@ files:
 - app/views/ishapi/maps/index.jbuilder
 - app/views/ishapi/maps/show.jbuilder
 - app/views/ishapi/measurements/_show.jbuilder
+- app/views/ishapi/my/my/account.jbuilder
 - app/views/ishapi/my/videos/index.jbuilder
 - app/views/ishapi/newsitems/_index.jbuilder
 - app/views/ishapi/newsitems/index.jbuilder
@@ -265,7 +266,6 @@ files:
 - app/views/ishapi/tags/_widget.jbuilder
 - app/views/ishapi/tags/index.jbuilder
 - app/views/ishapi/tags/show.jbuilder
-- app/views/ishapi/user_profiles/my.jbuilder
 - app/views/ishapi/user_profiles/show.jbuilder
 - app/views/ishapi/users/_index.jbuilder
 - app/views/ishapi/users/show.jbuilder
@@ -284,7 +284,7 @@ homepage: http://wasya.co
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -300,7 +300,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.0.6
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Summary of Ishapi.
 test_files: []

data/app/controllers/ishapi/api_controller.rb

@@ -1,13 +0,0 @@
-require_dependency "ishapi/application_controller"
-
-module Ishapi
-  class ApiController < UnrestrictedController
-
-    def home
-      authorize! :welcome_home, Ishapi
-      render :json => { :status => :ok, :message => 'Ishapi::ApiController.home', 
-                        :n_reports => Report.count, :n_cities => City.count }
-    end
-
-  end
-end