jobshop 0.0.14 → 0.0.15

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: eda45d633fbb49843d85a4afec86b54c411fba69
-  data.tar.gz: 1ca319d1f6b37819a8fb7587498accfa45b819a7
+  metadata.gz: b40482d948a58938955b3133971e53032caa54fb
+  data.tar.gz: fadf4c7b7f987f810b732a1eeded4ca4edaf2be7
 SHA512:
-  metadata.gz: 7f68c57b8e7808d56eb8e9c52885f73da50cf483a3922b8b012dd45c86133eb421f6a283296bc5f71acd440e7149dffd3d5812be50bdcaa73f62b84a0b883679
-  data.tar.gz: 97d5080e9c135d8cc52f2b7752d2316b96d4bbecdf7bd0969df3829c77e201d3f51e47c57851d6c0d46261c13873b1d4dcf984db56f6ebc57d4904ca40e7b914
+  metadata.gz: ca99cbcb216815970ea4111c708c74450f49942c536ff14953c6f7c78f2d465dbb9bb4c6e1163823a1fe4aa81ee1fe482743d2539eeb3605c84d919e4ea0c5cf
+  data.tar.gz: 550c1aa4d0e8ac61a9e38b2c5742200f49d1ba819b8f9750f805941036b0f18ebb2914b879d8d1cd0e4c9c7e520e93ce7ae3ff05712a407b6753e1f38445d247

data/app/assets/stylesheets/jobshop/application.scss

@@ -10,8 +10,8 @@ html, body {
   font-family: "Roboto", "Helvetica", sans-serif;
 }
 
-html { height: 100% }
-body { min-height: 100%; }
+html { height: 100%; }
+body { min-height: 100%; margin: 0 auto; }
 
 main {
   display: flex;
@@ -22,7 +22,6 @@ main {
 #register {
   @extend .mdl-shadow--2dp;
 
-  margin: 1rem;
   width: 100%;
 
   @include tablet-up {

data/app/controllers/jobshop/application_controller.rb

@@ -1,3 +1,7 @@
+# Parts of this class borrowed from:
+# https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
+# Thank you Jose Valim!
+
 module Jobshop
   class ApplicationController < ActionController::Base
     include Pundit
@@ -6,10 +10,25 @@ module Jobshop
 
     protect_from_forgery
 
+    before_action :authenticate_user_from_email!
     before_action :authenticate_user!
 
-  #  after_action :verify_authorized, except: :index
-  #  after_action :verify_policy_scoped, :only => :index
+    # after_action :verify_authorized, except: :index
+    # after_action :verify_policy_scoped, :only => :index
+
+    private
+
+    def authenticate_user_from_email!
+      token = EmailAuthenticationToken.new(
+        params.fetch(:user_email, nil),
+        params.fetch(:email_authentication_token, nil)
+      )
+
+      if token.valid?
+        sign_in token.user
+        token.destroy
+      end
+    end
 
     def layout_for_application
       if devise_controller? && controller_name == "sessions" ||
@@ -20,5 +39,46 @@ module Jobshop
         "jobshop/application"
       end
     end
+
+    class EmailAuthenticationToken
+      attr_reader :token
+
+      def initialize(email, token)
+        @email = email
+        @token = token
+      end
+
+      def valid?
+        user && token && !expired? && secure_compare
+      end
+
+      def user
+        @user ||= Jobshop::User.where(email: @email)
+          .where.not(email_authentication_token_sent_at: nil).first
+      end
+
+      def destroy
+        user.update({
+          email_authentication_token:         nil,
+          email_authentication_token_sent_at: nil
+        })
+      end
+
+      def secure_compare
+        # Notice how we use Devise.secure_compare to compare the token in the
+        # database with the token given in the params, mitigating timing
+        # attacks.
+        Devise.secure_compare(user.email_authentication_token, token)
+      end
+
+      def expired?
+        @expired ||= Time.now >= expires_on
+      end
+
+      def expires_on
+        # TODO: Make token expiration configurable in initializers/jobshop.rb.
+        @expires_on ||= user.email_authentication_token_sent_at + 6.hours
+      end
+    end
   end
 end

data/app/controllers/jobshop/teams/lookups_controller.rb

@@ -9,7 +9,20 @@ module Jobshop
     end
 
     def create
-      # noop
+      email_addresses = params[:user][:email].split(",").map(&:strip).take(5)
+
+      @lookup = Jobshop::User
+        .where(email: email_addresses)
+        .joins(:team)
+        .select("jobshop_users.id AS id",
+                "email",
+                "jobshop_teams.name AS team_name")
+        .group_by(&:email)
+
+      @lookup.each_pair do |email, teams|
+        Jobshop::TeamsMailer.found_teams(email, teams).deliver_later
+      end
+
       redirect_to new_user_session_path
     end
   end

data/app/mailers/jobshop/application_mailer.rb

@@ -0,0 +1,8 @@
+module Jobshop
+  class ApplicationMailer < ActionMailer::Base
+    default from: "jobshop-teams-lookup@example.com"
+
+    layout "jobshop/mailer"
+  end
+end
+

data/app/mailers/jobshop/teams_mailer.rb

@@ -0,0 +1,10 @@
+module Jobshop
+  class TeamsMailer < ApplicationMailer
+    def found_teams(email, teams)
+      @email = email
+      @teams = teams
+
+      mail(to: @email, subject: "We found your Jobshop Teams!")
+    end
+  end
+end

data/app/models/jobshop/user.rb

@@ -2,11 +2,18 @@ module Jobshop
   class User < ApplicationRecord
     # Include default devise modules. Others available are:
     # :confirmable, :lockable, :timeoutable and :omniauthable
-    devise :database_authenticatable, :recoverable, :rememberable, :validatable
+    devise :database_authenticatable, :recoverable, :rememberable
 
     belongs_to :team, optional: true
     has_one :default_dashboard, class_name: "Jobshop::Dashboard", through: :team
 
-    validates_uniqueness_of :email
+    private
+
+    def generate_email_authentication_token
+      loop do
+        token = Devise.friendly_token
+        break token unless Jobshop::User.where(email_authentication_token: token).first
+      end
+    end
   end
 end

data/app/views/jobshop/teams_mailer/found_teams.text.erb

@@ -0,0 +1,7 @@
+Hi <%= @email %>,
+
+We found the following teams linked to your email address:
+
+<% @teams.each do |team| %>
+  You belong to: <%= team.team_name %>
+<% end %>

data/app/views/layouts/jobshop/mailer.text.erb

@@ -0,0 +1 @@
+<%= yield %>

data/config/initializers/assets.rb

@@ -1,7 +1,7 @@
 # Be sure to restart your server when you modify this file.
 
 # Version of your assets, change this if you want to expire all your assets.
-Rails.application.config.assets.version = '3.0'
+Rails.application.config.assets.version = "4"
 
 # Add additional assets to the asset load path
 # Rails.application.config.assets.paths << Emoji.images_path

data/db/migrate/20160718130211_reindex_jobshop_users_by_email_and_team_id.rb

@@ -0,0 +1,6 @@
+class ReindexJobshopUsersByEmailAndTeamId < ActiveRecord::Migration[5.0]
+  def change
+    remove_index :jobshop_users, :email
+    add_index :jobshop_users, [ :email, :team_id ], unique: true
+  end
+end

data/db/migrate/20160720201947_add_authentication_token_to_jobshop_users.rb

@@ -0,0 +1,6 @@
+class AddAuthenticationTokenToJobshopUsers < ActiveRecord::Migration[5.0]
+  def change
+    add_column :jobshop_users, :email_authentication_token, :string
+    add_column :jobshop_users, :email_authentication_token_sent_at, :datetime
+  end
+end

data/lib/jobshop/templates/dummy_template.rb

@@ -22,6 +22,14 @@ unless Dir.exist?("db/migrate")
   Dir.mkdir("db/migrate")
 end
 
+# Mailer previews don't really play nice with Engines so in the dummy app we
+# create an initializer to expose them properly.
+initializer "expose_mailer_previews.rb", <<-INITIALIZER.strip_heredoc
+  Rails.application.configure do
+    config.action_mailer.preview_path = "#{Jobshop::Engine.root}/spec/mailers"
+  end
+INITIALIZER
+
 route "mount Jobshop::Engine => \"/\""
 
 rake "db:create"

data/lib/jobshop/version.rb

@@ -6,7 +6,7 @@ module Jobshop
   module VERSION
     MAJOR = 0
     MINOR = 0
-    TINY  = 14
+    TINY  = 15
     PRE   = nil
 
     CODE_NAME = "bump it up".freeze

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jobshop
 version: !ruby/object:Gem::Version
-  version: 0.0.14
+  version: 0.0.15
 platform: ruby
 authors:
 - Frank J. Mattia
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-07-13 00:00:00.000000000 Z
+date: 2016-07-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: coffee-rails
@@ -328,6 +328,8 @@ files:
 - app/controllers/jobshop/teams_controller.rb
 - app/helpers/jobshop/application_helper.rb
 - app/jobs/jobshop/application_job.rb
+- app/mailers/jobshop/application_mailer.rb
+- app/mailers/jobshop/teams_mailer.rb
 - app/models/jobshop/application_record.rb
 - app/models/jobshop/dashboard.rb
 - app/models/jobshop/registration.rb
@@ -350,7 +352,9 @@ files:
 - app/views/jobshop/dashboards/show.html.haml
 - app/views/jobshop/teams/lookups/show.html.haml
 - app/views/jobshop/teams/registrations/new.html.haml
+- app/views/jobshop/teams_mailer/found_teams.text.erb
 - app/views/layouts/jobshop/application.html.haml
+- app/views/layouts/jobshop/mailer.text.erb
 - app/views/layouts/jobshop/unauthenticated.html.haml
 - config/initializers/assets.rb
 - config/initializers/devise.rb
@@ -365,6 +369,8 @@ files:
 - db/migrate/20160323132658_rename_configuration_token_to_registration_token.rb
 - db/migrate/20160417210218_create_jobshop_dashboards.rb
 - db/migrate/20160425062447_rename_site_to_team.rb
+- db/migrate/20160718130211_reindex_jobshop_users_by_email_and_team_id.rb
+- db/migrate/20160720201947_add_authentication_token_to_jobshop_users.rb
 - db/migrate/keep
 - lib/generators/jobshop/config/config_generator.rb
 - lib/generators/jobshop/config/templates/jobshop.rb.tt