iugusdk 1.0.0.alpha.3 → 1.0.0.alpha.4

data/app/controllers/iugu/account_controller.rb

@@ -18,9 +18,13 @@ class Iugu::AccountController < Iugu::AccountSettingsController
   end
 
   def destroy
-    account = current_user.accounts.find(params[:id])
-    account.destroy
-    redirect_to(account_settings_path, :notice => I18n.t("iugu.account_destruction_in") + account.destruction_job.run_at.to_s)
+    if IuguSDK::enable_account_cancel
+      account = current_user.accounts.find(params[:id])
+      account.destroy
+      redirect_to(account_settings_path, :notice => I18n.t("iugu.account_destruction_in") + account.destruction_job.run_at.to_s)
+    else
+      raise ActionController::RoutingError.new('Not found')
+    end
   end
 
   def cancel_destruction
@@ -49,9 +53,14 @@ class Iugu::AccountController < Iugu::AccountSettingsController
   def generate_new_token
     if IuguSDK::enable_account_api
       @account = current_user.accounts.find(params[:account_id])
-      @account.update_api_token
+      token = @account.tokens.create(description: params[:description], api_type: params[:api_type])
+      if token.new_record?
+        notice = token.errors.full_messages
+      else
+        notice = I18n.t("iugu.notices.new_token_generated")
+      end
       flash[:group] = :api_token
-      redirect_to account_view_path(params[:account_id]), :notice => I18n.t("iugu.notices.new_token_generated")
+      redirect_to account_view_path(params[:account_id]), :notice => notice
     else
       raise ActionController::RoutingError.new('Not found')
     end

data/app/controllers/iugu/pricing_controller.rb

@@ -0,0 +1,8 @@
+class Iugu::PricingController < ApplicationController
+  before_filter :verify_api_key, :only => [ :index ]
+
+  def index
+    @plans = Iugu::Api::Plan.all
+  end
+  
+end

data/app/controllers/iugu/profile_controller.rb

@@ -25,8 +25,12 @@ class Iugu::ProfileController < Iugu::SettingsController
   end
 
   def destroy
-    (user = current_user).destroy
-    redirect_to(profile_settings_path, :notice => I18n.t("iugu.user_destruction_in") + user.destruction_job.run_at.to_s)
+    if IuguSDK::enable_user_cancel
+      (user = current_user).destroy
+      redirect_to(profile_settings_path, :notice => I18n.t("iugu.user_destruction_in") + user.destruction_job.run_at.to_s)
+    else
+      raise ActionController::RoutingError.new("Not found")
+    end
   end
 
   def cancel_destruction
@@ -63,4 +67,13 @@ class Iugu::ProfileController < Iugu::SettingsController
     end 
   end 
 
+  def renew_token
+    if IuguSDK::enable_user_api
+      current_user.token.refresh
+      redirect_to profile_settings_path
+    else
+      raise ActionController::RoutingError.new("Not found")
+    end
+  end
+
 end

data/app/controllers/iugu/registrations_controller.rb

@@ -3,6 +3,14 @@ class Iugu::RegistrationsController < Devise::RegistrationsController
 
   layout IuguSDK.alternative_layout
 
+  def new
+    if !IuguSDK::default_subscription_name && IuguSDK::enable_subscription_features
+      redirect_to pricing_index_path
+    else
+      super
+    end
+  end
+
   def try_first
     if IuguSDK::enable_guest_user
       @user = User.create_guest

data/app/controllers/iugu/sessions_controller.rb

@@ -1,5 +1,13 @@
 class Iugu::SessionsController < Devise::SessionsController
   after_filter :select_account, :only => :create 
 
+  def after_sign_in_path_for(resource_or_scope)
+    IuguSDK::app_main_url
+  end
+
+  def after_sign_out_path_for(resource_or_scope)
+    IuguSDK::app_root_url
+  end
+
   layout IuguSDK.alternative_layout
 end

data/app/models/account.rb

@@ -4,6 +4,7 @@ class Account < ActiveRecord::Base
   has_many :account_users, :dependent => :destroy, :include => [:roles,:account]
   has_many :account_domains, :dependent => :destroy
   has_many :users, :through => :account_users
+  has_many :tokens, :as => :tokenable, :class_name => "ApiToken"
   handle_asynchronously :destroy, :queue => Proc.new { |p| "account_#{p.id}_destroy" },
                         :run_at => Proc.new { DateTime.now + IuguSDK::delay_account_exclusion }
 
@@ -13,7 +14,6 @@ class Account < ActiveRecord::Base
 
   attr_accessible :subdomain, :name 
 
-  before_create :set_first_token
   after_create :set_first_subdomain, :unless => :subdomain?
 
   def self.get_from_domain(domain)
@@ -46,24 +46,12 @@ class Account < ActiveRecord::Base
     (super.blank? ? "#{I18n.t('iugu.account')} ##{id}" : super)
   end
   
-  def update_api_token
-    self.update_attribute(:api_token, generate_api_token)
-  end
-
   private
 
-  def set_first_token
-    self.api_token = generate_api_token
-  end
-
   def set_first_subdomain
     self.update_attribute(:subdomain, "#{IuguSDK::account_alias_prefix}#{id}")
   end
 
-  def generate_api_token
-    Digest::MD5.hexdigest("#{SecureRandom.hex(10)}-#{DateTime.now.to_s}")
-  end
-
   def subdomain_blacklist
     if subdomain
       IuguSDK::custom_domain_invalid_prefixes.each do |invalid_prefix|

data/app/models/api_token.rb

@@ -0,0 +1,32 @@
+class ApiToken < ActiveRecord::Base
+  belongs_to :tokenable, :polymorphic => true
+
+  before_create :set_first_token
+
+  validates :token, :uniqueness => true
+  validates :description, :uniqueness => { :scope => [:tokenable_id, :tokenable_type] }
+  validates :description, :tokenable, :api_type, :presence => true
+  validate :valid_account_api_type, :if => Proc.new { tokenable_type == "Account" }
+
+  def refresh
+    self.token = generate_api_token
+    save
+  end
+
+
+  private
+
+  def set_first_token
+    self.token = generate_api_token
+  end 
+
+  def generate_api_token
+    Digest::MD5.hexdigest("#{SecureRandom.hex(10)}-#{DateTime.now.to_s}")
+  end 
+
+  def valid_account_api_type
+    errors.add(:api_type, I18n.t('errors.messages.not_supported_api_type')) unless IuguSDK::account_api_tokens.include? api_type
+  end
+
+  
+end

data/app/models/user.rb

@@ -6,6 +6,7 @@ class User < ActiveRecord::Base
   has_many :account_users, :dependent => :destroy, :include => [:roles,:account]
   has_many :accounts, :through => :account_users
   has_many :social_accounts, :dependent => :destroy
+  has_one :token, :as => :tokenable, :class_name => "ApiToken"
 
   handle_asynchronously :destroy, :queue => Proc.new { |p| "user_#{p.id}_destroy" },
                         :run_at => Proc.new { DateTime.now + IuguSDK::delay_user_exclusion }
@@ -22,6 +23,8 @@ class User < ActiveRecord::Base
 
   before_create :skip_confirmation!, :unless => Proc.new { IuguSDK::enable_user_confirmation }
 
+  after_create :init_token, :if => Proc.new { IuguSDK::enable_user_api }
+
   after_create :create_account_for_user
 
   after_create :send_welcome_mail, :if => Proc.new { |r| IuguSDK::enable_welcome_mail && !r.email.blank? }
@@ -132,8 +135,28 @@ class User < ActiveRecord::Base
     end
   end
 
+  def access_token
+    "none"
+  end
+
+  # def to_json
+  #   super(:only => [:email,:id])
+  # end
+  def as_json(options = nil)
+    {
+      id: id,
+      email: email,
+      locale: locale,
+      access_token: access_token
+    }
+  end
+
   private
 
+  def init_token
+    self.token = ApiToken.create(tokenable: self, api_type: "USER", description: "User")
+  end
+
   def destroy_private_accounts
     self.accounts.each do |acc|
       acc.destroy if acc.account_users.count <= 1
@@ -161,4 +184,6 @@ class User < ActiveRecord::Base
       account_user = new_account.account_users.create( { :user => self } )
     end
   end
+
+
 end

data/app/views/iugu/pricing/index.html.haml

@@ -0,0 +1,14 @@
+Pricing
+%br
+- @plans.each do |plan|
+  = plan.name
+  - plan.prices.each do |price|
+    = "-"
+    = price.value_cents
+    = price.currency
+  - plan.features.each do |feature|
+    - if feature.important
+      = "-"
+      = feature.name
+  %br
+

data/app/views/iugu/settings/account.html.haml

@@ -42,23 +42,38 @@
     = link_to I18n.t("iugu.payment_history")
 
 
+%br
 - if IuguSDK::enable_account_api
   - if current_user.is?(:owner, @account)
-    %br
+    %h2
+      = I18n.t("iugu.api_tokens")
     - if flash[:group] == :api_token
       %div
-        = flash[:notice]
+        - if flash[:notice].class == Array
+          %ul
+            - flash[:notice].each do |e|
+              %li
+                = e
+        - else
+          = flash[:notice]
     %div
-      = I18n.t("iugu.api_token")
-      = link_to I18n.t("iugu.generate_new_token"), account_generate_new_token_path(@account.id), :method => :post
+      - @account.tokens.each do |token|
+        = "#{token.description} - #{token.api_type} - #{token.token} - #{token.created_at}"
+        %br
       %br
-      = @account.api_token
+      = form_tag(account_generate_new_token_path(@account.id), :method => :post) do
+        = I18n.t('iugu.api_type')
+        = select_tag :api_type, options_for_select(IuguSDK::account_api_tokens)
+        = I18n.t('iugu.description')
+        = text_field_tag :description
+        = submit_tag I18n.t('iugu.create')
 
 - if current_user.is?(:owner, @account)
   %br
   %br
   - unless @account.destroying?
-    = link_to I18n.t("iugu.cancel_account"), account_destroy_path(@account.id), :method => :delete
+    - if IuguSDK::enable_account_cancel
+      = link_to I18n.t("iugu.cancel_account"), account_destroy_path(@account.id), :method => :delete
   - else
     - if IuguSDK::delay_account_exclusion > 0
       = link_to I18n.t("iugu.undo"), account_cancel_destruction_path(@account.id), :method => :delete

data/app/views/iugu/settings/profile.html.haml

@@ -58,6 +58,15 @@
       = f.submit "OK"
   %br
 
+  - if IuguSDK::enable_user_api
+    %h3
+      Api Token
+    = @user.token.token
+    %br
+    = link_to "Renew", renew_user_token_path
+    %br
+    %br
+
   - if IuguSDK::enable_signup_form
     %div
       %h3
@@ -91,7 +100,8 @@
       - unless @user.destruction_job.locked_at
         = link_to I18n.t("iugu.undo"), profile_cancel_destruction_path, :confirm => I18n.t("iugu.are_you_sure?") 
     - else
-      = link_to I18n.t("iugu.remove_user"), profile_destroy_path, :confirm => I18n.t("iugu.are_you_sure?") 
+      - if IuguSDK::enable_user_cancel
+        = link_to I18n.t("iugu.remove_user"), profile_destroy_path, :confirm => I18n.t("iugu.are_you_sure?") 
   %br
 
   - if IuguSDK::enable_social_linking

data/config/locales/iugu.en.yml

@@ -5,6 +5,7 @@ en:
       invalid_role: "Not a valid role"
       only_social_and_no_email: "You need email and password to unlink this Social Account"
       email_already_in_use: "This email is already in use"
+      not_supported_api_type: "not supported api type"
   iugu:
     welcome: "Welcome"
     edit: "Edit"
@@ -19,6 +20,7 @@ en:
     back_to: "Back to"
     back: "Back"
     save: "Save"
+    create: "Create"
     invited_by: "Invited by"
     accept: "Accept"
     invite: "Invite"
@@ -83,7 +85,9 @@ en:
     did_not_receive_confirmation_instructions?: "Didn't receive confirmation instructions?"
     plan_name: "Plan name"
     custom_domains: "Custom domains"
-    api_token: "Api token"
+    api_tokens: "Api tokens"
+    api_type: "Api type"
+    description: "Description"
     i_dont_have_any_accounts: "I don't have any accounts"
     owner: "owner"
     admin: "admin"

data/config/locales/iugu.pt-BR.yml

@@ -5,6 +5,7 @@ pt-BR:
       invalid_role: "Cargo invalido"
       only_social_and_no_email: "Você precisa de um email para poder apagar essa rede social"
       email_already_in_use: "Esse email já foi utilizado"
+      not_supported_api_type: "tipo de api não suportado"
   iugu:
     welcome: "Bem vindo"
     edit: "Editar"
@@ -19,6 +20,7 @@ pt-BR:
     back_to: "Voltar para"
     back: "Voltar"
     save: "Salvar"
+    create: "Criar"
     invited_by: "Convidado por"
     accept: "Aceitar"
     invite: "Convidar"
@@ -83,7 +85,9 @@ pt-BR:
     did_not_receive_confirmation_instructions?: "Não recebeu as instruções para confirmação?"
     plan_name: "Nome do Plano"
     custom_domains: "Dominios customizados"
-    api_token: "Token da api"
+    api_tokens: "Tokens da api"
+    api_type: "Tipo de api"
+    description: "Descrição"
     i_dont_have_any_accounts: "Eu não tenho nenhuma conta"
     owner: "dono"
     admin: "administrador"

data/config/routes.rb

@@ -33,6 +33,7 @@ Rails.application.routes.draw do
     get "settings/profile/cancel_destruction" => "iugu/profile#cancel_destruction", :as => "profile_cancel_destruction"
     post "settings/profile" => "iugu/profile#update", :as => "profile_update"
     get "settings/profile/social/destroy" => "iugu/profile#destroy_social", :as => "social_destroy"
+    get "settings/profile/renew_token" => "iugu/profile#renew_token", :as => "renew_user_token"
     post 'become_user' => 'iugu/profile#become_user', :as => 'become_user'
 
     get '/settings/account/:account_id/invite' => 'iugu/invitations#new', :as => 'new_invite'
@@ -42,6 +43,8 @@ Rails.application.routes.draw do
     get "/settings/account/(:id)/user/:user_id/roles" => "iugu/account_roles#edit", :as => "account_roles_edit"
     post "/settings/account/(:id)/user/:user_id/roles" => "iugu/account_roles#update", :as => "account_roles_update"
 
+    get '/pricing' => 'iugu/pricing#index', :as => 'pricing_index'
+
     devise_for :users,
       :path => 'account',
       :module => 'iugu',

data/db/migrate/20121023113304_create_api_token.rb

@@ -0,0 +1,15 @@
+class CreateApiToken < ActiveRecord::Migration
+  def up
+    create_table :api_tokens do |t|
+      t.column :token, :string
+      t.column :description, :string
+      t.column :api_type, :string
+      t.references :tokenable, :polymorphic => true
+      t.timestamps
+    end
+  end
+
+  def down
+    drop_table :api_tokens
+  end
+end

data/lib/iugusdk/engine.rb

@@ -1,6 +1,14 @@
 module IuguSDK
   class Engine < Rails::Engine
 
+    initializer "iugusdk.load_app_root" do |app|
+
+       IuguSDK.app_root = app.root
+
+       app.config.middleware.insert_before( app.config.session_store, SessionParameterMiddleware, app.config.session_options[:key])
+
+    end
+
     initializer 'iugusdk.action_controller' do |app|
       ActiveSupport.on_load(:action_controller) do
         include IuguSDK::Controllers::Helpers

data/lib/iugusdk/iugusdk_base_controller.rb

@@ -9,17 +9,26 @@ module IuguSDKBaseController
   end
 
   def configure_locale
-    @matched_locale_from_browser = request.preferred_language_from(AvailableLanguage.all.values)
-    if signed_in?
-      if current_user.locale.blank?
-        locale = "en" 
+    if(params[:hl])
+      locale = params[:hl] if AvailableLanguage.all.values.include? params[:hl]
+    end
+    unless locale
+      @matched_locale_from_browser = request.preferred_language_from(AvailableLanguage.all.values)
+      if signed_in?
+        if current_user.locale.blank?
+          locale = "en" 
+        else
+          locale = current_user.locale
+        end
       else
-        locale = current_user.locale
+        locale = @matched_locale_from_browser
       end
-    else
-      locale = @matched_locale_from_browser
     end
     I18n.locale = locale
   end
 
+  def verify_api_key
+    raise ActionController::RoutingError.new("iws_api_key missing") unless IuguSDK::iws_api_key
+  end
+
 end

data/lib/iugusdk/root_tenancy_url.rb

@@ -14,10 +14,10 @@ module IuguSDK
     #   - Return true if request.host is not found in the invalid array
     def self.matches?(request)
       application_domain = IuguSDK::application_main_host
-      valids = [ application_domain, ['www.',application_domain].join ]
+      valids = [ application_domain, ['www.',application_domain].join, 'localhost' ]
       unless Rails.env.production?
-        first_part_uri = application_domain.gsub('.dev','')
-        return true if request.host.match("#{first_part_uri}\.[^\.]+\.[^\.]+\.[^\.]+\.[^\.]+\.xip.io")
+        # first_part_uri = application_domain.gsub('.dev','')
+        return true if request.host.match("#{application_domain}\.[^\.]+\.[^\.]+\.[^\.]+\.[^\.]+\.xip.io")
       end
       valids.include?( request.host )
     end

data/lib/iugusdk/session_parameter_middleware.rb

@@ -0,0 +1,15 @@
+require 'rack/utils'
+
+class SessionParameterMiddleware
+  def initialize(app, session_key = '_session_id')
+    @app = app
+    @session_key = session_key
+  end
+
+  def call(env)
+    # if env['HTTP_USER_AGENT'] =~ /^(Adobe|Shockwave) Flash/
+    params = ::Rack::Utils.parse_query(env['QUERY_STRING'])
+    env['HTTP_COOKIE'] = [ @session_key, params[@session_key] ].join('=').freeze unless params[@session_key].nil?
+    @app.call(env)
+  end
+end

data/lib/iugusdk/version.rb

@@ -1,3 +1,3 @@
 module IuguSDK
-  VERSION = "1.0.0.alpha.3"
+  VERSION = "1.0.0.alpha.4"
 end

data/lib/iugusdk.rb

@@ -4,6 +4,7 @@ require 'simple_form'
 require 'iugusdk/controllers/helpers'
 require 'iugusdk/valid_tenancy_urls'
 require 'iugusdk/root_tenancy_url'
+require 'iugusdk/session_parameter_middleware'
 require "iugusdk/engine"
 require "iugusdk/iugusdk_base_controller"
 require "http_accept_language"
@@ -62,6 +63,12 @@ module IuguSDK
   mattr_accessor :enable_account_api
   self.enable_account_api = false
 
+  mattr_accessor :account_api_tokens
+  self.account_api_tokens = []
+
+  mattr_accessor :enable_user_api
+  self.enable_user_api = false
+
   mattr_accessor :enable_social_login
   self.enable_social_login = false
 
@@ -95,6 +102,14 @@ module IuguSDK
   mattr_accessor :enable_welcome_mail
   self.enable_welcome_mail = false
 
+  mattr_accessor :enable_account_cancel
+  self.enable_account_cancel = true
+
+  mattr_accessor :enable_user_cancel
+  self.enable_user_cancel = true
+
+  mattr_accessor :iws_api_key
+
   self.application_title = 'Application Name'
 
   self.app_main_url = '/'
@@ -105,11 +120,13 @@ module IuguSDK
   self.default_layout = "settings"
   self.alternative_layout = "application"
 
+
   def initialize
   end
 
   def self.setup
     yield self
+    Iugu::Api.token = iws_api_key if self.iws_api_key
   end
 
 end

data/spec/controllers/account_controller_spec.rb

@@ -35,15 +35,25 @@ describe Iugu::AccountController do
 
   context "destroy" do
     login_as_user
-    context "when using right id" do
-      before do
-        get :destroy, :id => @user.accounts.first.id
+    context "when enable_account_cancel == true" do
+      context "and using right id" do
+        before do
+          IuguSDK::enable_account_cancel = true
+          get :destroy, :id => @user.accounts.first.id
+        end
+
+        it { response.should redirect_to account_settings_path }
+
+        it 'should start destruction job' do
+          @user.accounts.first.destroying?.should be_true
+        end
       end
+    end
 
-      it { response.should redirect_to account_settings_path }
-
-      it 'should start destruction job' do
-        @user.accounts.first.destroying?.should be_true
+    context "when enable_account_cancel == false" do
+      it 'should raise RoutingError' do
+        IuguSDK::enable_account_cancel = false
+        lambda{ get :destroy, :id => @user.accounts.first.id }.should raise_error ActionController::RoutingError
       end
     end
 
@@ -116,8 +126,9 @@ describe Iugu::AccountController do
     login_as_user
     before(:each) do
       IuguSDK::enable_account_api = true
+      IuguSDK::account_api_tokens = [ 'test' ]
       @account = @user.accounts.last
-      post :generate_new_token, :account_id => @account.id
+      post :generate_new_token, :account_id => @account.id, :description => 'token x', :api_type => 'test'
     end
 
     it { response.should redirect_to account_view_path(@account.id) }

data/spec/controllers/pricing_controller_spec.rb

@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe Iugu::PricingController do
+  login_as_user
+  describe "unless iws_api_key" do
+    before do
+      IuguSDK::iws_api_key = nil
+    end
+    it 'should raise routing error' do
+      lambda {
+        get :index
+      }.should raise_error ActionController::RoutingError
+    end
+  end
+  
+end

data/spec/controllers/profile_controller_spec.rb

@@ -39,13 +39,22 @@ describe Iugu::ProfileController do
 
   context "destroy" do
     login_as_user
+    context "when enable_user_cancel == true" do
+      before(:each) do
+        IuguSDK::enable_user_cancel = true
+        get :destroy
+      end
 
-    before(:each) do
-      get :destroy
+      it 'user should be destroyed' do
+        @user.destroying?.should be_true
+      end
     end
 
-    it 'user should be destroyed' do
-      @user.destroying?.should be_true
+    context "when enable_user_cancel == false" do
+      it 'should raise RoutingError' do
+        IuguSDK::enable_user_cancel = false
+        lambda{get :destroy}.should raise_error ActionController::RoutingError
+      end
     end
   
   end

data/spec/controllers/registration_controller_spec.rb

@@ -26,7 +26,21 @@ describe Iugu::RegistrationsController do
         }.should raise_error ActionController::RoutingError
       end
     end
-  
+
+  end
+
+  context "new" do
+    context "when enable_subscription_features == true and default_subscription_name = nil " do
+      before(:each) do
+        IuguSDK::enable_subscription_features = true
+        IuguSDK::default_subscription_name = nil
+      end
+      it 'should redirect to pricing' do
+        get :new
+        response.should redirect_to pricing_index_path
+      end
+    end
+
   end
 
 end

data/spec/dummy/config/application.rb

@@ -58,8 +58,11 @@ module Dummy
       password: "envioiugu",
       authentication: :plain,
       enable_starttls_auto: true
-    }   
+    }
 
+    # config.session_store :disabled
+    # config.middleware.delete(ActionDispatch::Cookies)
+    # config.middleware.delete(ActionDispatch::Session::CookieStore) 
 
   end
 end