kaui 0.8.3 → 0.8.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e8e7685a1afe2252804642a60974815cd5e37360
-  data.tar.gz: 3947baffe131d77bcd535819ad0bd40826b7b2d8
+  metadata.gz: b2789a969d9773d7b85873b78de5e7499e8a0bff
+  data.tar.gz: 16387777a6d098c092cfb74b6bbf35c771f852d3
 SHA512:
-  metadata.gz: eb3e2a65564487e86e37bd810c3ac4e2309a80dd91df63ef1b6252a38fe72b24e3e9e876ad8dc4c92232d2c0bff178014802f1e4d78abde725b4176365f08fcc
-  data.tar.gz: 7a3ea522f0f04c9a18c0fc7e4f84a977b0910c13a679f18370e323bc51b8b74a775b92532148d085ad4c69467636040815671b7197ea688390b43419b9da8b9c
+  metadata.gz: e5da777efcada57eefc888c217e444059cce523e8bc37d4fb2395e7b3252e010f4e82e3d5ff5d4986a2cff8caf40a41e471f5a6e52e5c21ac0d89eeebfd061fb
+  data.tar.gz: fb7a52912944083a5142609d150d272c78e1176b0a3c1e918e7adc513839e610d97d56cf3c36a59417a522af5b9abbda39f8694efe045bbc3ce0d9320ad058fb

data/Gemfile

@@ -1,3 +1,6 @@
 source 'http://rubygems.org'
 
 gemspec
+
+#gem 'killbill-client', :path => '../killbill-client-ruby'
+

data/Gemfile.lock

@@ -1,13 +1,13 @@
 PATH
   remote: .
   specs:
-    kaui (0.8.3)
+    kaui (0.8.4)
       cancan (~> 1.6.10)
       carmen-rails (~> 1.0.0)
       d3_rails (~> 3.2.8)
       devise (~> 3.0.2)
       jquery-rails (~> 3.0.4)
-      killbill-client (~> 0.10.6)
+      killbill-client (~> 0.10.7)
       money-rails (~> 0.8.1)
       rails (~> 3.2.14)
       symmetric-encryption (~> 3.6.0)
@@ -67,7 +67,7 @@ GEM
       warden (~> 1.2.3)
     docile (1.1.5)
     erubis (2.7.0)
-    execjs (2.3.0)
+    execjs (2.4.0)
     fakeweb (1.3.0)
     hike (1.2.3)
     i18n (0.6.11)
@@ -76,13 +76,13 @@ GEM
       railties (>= 3.0, < 5.0)
       thor (>= 0.14, < 2.0)
     json (1.8.2)
-    killbill-client (0.10.6)
+    killbill-client (0.10.7)
       json (>= 1.2.0)
     mail (2.5.4)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
     mime-types (1.25.1)
-    money (5.1.0)
+    money (5.1.1)
       i18n (~> 0.6.0)
     money-rails (0.8.1)
       activesupport (>= 3.0)

data/README.md

@@ -97,7 +97,7 @@ KAUI has been enhanced to support multi-tenancy. In order to benefit from that m
 Admin User Roles
 -------------------------
 
-In multi-tenancy mode, there are two kind of users:
+In multi-tenancy mode, there are two kinds of users:
 
 * The **multi-tenant admin** user, which has the rights to configure the tenant information (creation of tenant, add allowed users for specific tenant, upload catalog, ...)
 * The **per-tenant admin** user, which operates just a given tenant
@@ -116,7 +116,7 @@ Multi-tenancy screens
 
 KAUI has been enriched with new models and new screens to manage the multi-tenancy, and those are available for the multi-tenant admin user:
 
-* The `kaui_tenants` table will list the available tenants (from KAUI point of view); note that this is redundant with the Kill Bill `tenants` table, and the reason is that the `api_secret` needs to maintained in KAUI as well, so listing the existing tenants from Kill Bill would not work since that key is encrypted and cannot be returned. A new screen mounted on `/admin_tenants` allows to configure new tenants. The view allows to create the new tenant in Kill Bill or simply updates the local KAUI config if the tenant already exists.
+* The `kaui_tenants` table will list the available tenants (from KAUI point of view); note that this is redundant with the Kill Bill `tenants` table, and the reason is that the `api_secret` needs to be maintained in KAUI as well, so listing the existing tenants from Kill Bill would not work since that key is encrypted and cannot be returned. A new screen mounted on `/admin_tenants` allows to configure new tenants. The view allows to create the new tenant in Kill Bill or simply updates the local KAUI config if the tenant already exists.
 * The `kaui_allowed_users` table along with the join table `kaui_allowed_user_tenants` will list all the users in the system that can access specific tenants. The join table is required since a given user could access multiple tenants (e.g multi-tenant admin user), and at the same time many users could access the same tenant. A new screen mounted on `/admin_allowed_users` allows to configure the set of allowed users associated to specific tenants.
 
 

data/app/controllers/kaui/admin_tenants_controller.rb

@@ -58,6 +58,11 @@ module Kaui
 
     def show
       @tenant = Kaui::Tenant.find(params[:id])
+      user = current_user
+      if @tenant.kaui_allowed_users.index { |e| e.kb_username == user.kb_username}.nil?
+        flash[:error] = "Does not have permissions to see tenant id #{params[:id]}"
+        redirect_to admin_tenants_path and return
+      end
       render
     end
 

data/app/models/kaui/ability.rb

@@ -33,9 +33,15 @@ module Kaui
       #
       to_be_model, action = permission.split(':')
       # Currently the only actions implemented for overdue and catalog (upload_config) are those implemented at the tenant level:
-      if to_be_model == 'tenant' || 'overdue' || 'catalog'
+      if to_be_model == 'tenant' ||
+          to_be_model == 'overdue' ||
+          to_be_model == 'catalog'
         to_be_model = 'admin_tenant'
       end
+      if to_be_model == 'entitlement'
+        to_be_model = 'subscription'
+      end
+
       [to_be_model, action]
     end
   end

data/app/views/kaui/admin_tenants/show.html.erb

@@ -1,13 +1,13 @@
-<% if can? :view, Kaui::AdminTenant %>
-    <dl class="dl-horizontal">
-      <dt>Name:</dt>
-      <dd><%= @tenant.name %>&nbsp;</dd>
-      <dt>Tenant ID:</dt>
-      <dd><%= @tenant.kb_tenant_id %>&nbsp;</dd>
-      <dt>API Key:</dt>
-      <dd><%= @tenant.api_key %>&nbsp;</dd>
-    </dl>
+<dl class="dl-horizontal">
+  <dt>Name:</dt>
+  <dd><%= @tenant.name %>&nbsp;</dd>
+  <dt>Tenant ID:</dt>
+  <dd><%= @tenant.kb_tenant_id %>&nbsp;</dd>
+  <dt>API Key:</dt>
+  <dd><%= @tenant.api_key %>&nbsp;</dd>
+</dl>
 
+<% if can? :view, Kaui::AdminTenant %>
     <% unless @tenant.kaui_allowed_users.empty? %>
         <h3>Allowed Users:</h3>
         <table id="allowed-users-for-tenant-table" class="table table-condensed">

data/kaui.gemspec

@@ -27,7 +27,7 @@ Gem::Specification.new do |s|
   s.add_dependency 'money-rails', '~> 0.8.1'
   s.add_dependency 'd3_rails', '~> 3.2.8'
   s.add_dependency 'twitter-bootstrap-rails', '~> 2.2.8'
-  s.add_dependency 'killbill-client', '~> 0.10.6'
+  s.add_dependency 'killbill-client', '~> 0.10.7'
   s.add_dependency 'devise', '~> 3.0.2'
   s.add_dependency 'cancan', '~> 1.6.10'
   s.add_dependency 'carmen-rails', '~> 1.0.0'

data/lib/kaui/version.rb

@@ -1,3 +1,3 @@
 module Kaui
-  VERSION = '0.8.3'
+  VERSION = '0.8.4'
 end

data/test/functional/kaui/admin_tenants_controller_test.rb

@@ -2,7 +2,6 @@ require 'test_helper'
 
 module Kaui
   class AdminTenantsControllerTest < Kaui::FunctionalTestHelper
-
     test "should get new" do
       post :new
       assert_response :success
@@ -10,26 +9,45 @@ module Kaui
 
     test "should get create" do
       now = Time.now.to_s
-      post :create, :tenant => { :name => 'Goldorak_' + now, :api_key => '12345_' + now, :api_secret => 'ItH@st0beComplic@ted'}
+      post :create, { :tenant => { :name => 'Goldorak_' + now, :api_key => '12345_' + now, :api_secret => 'ItH@st0beComplic@ted'}, :create_tenant => true}
       assert_response 302
     end
 
 
-    test "should get show" do
+    test "should get index" do
+      get :index
+      assert_response :success
+    end
+
+    test "should get show with allowed user" do
       tenant = Kaui::Tenant.new
       tenant.name = 'foo'
       tenant.api_key = 'api_key'
       tenant.api_secret = 'api_secret'
       tenant.kb_tenant_id = 'kb_tenant_id'
       tenant.save!
+
+      # Add an allowed user that will verify that we can only
+      au = Kaui::AllowedUser.find_by_kb_username('admin')
+      au.kaui_tenants << tenant
+
       get :show, :id => tenant.id
       assert_response :success
     end
 
+    test "should get show with NO allowed user" do
+      tenant = Kaui::Tenant.new
+      tenant.name = 'foo'
+      tenant.api_key = 'api_key'
+      tenant.api_secret = 'api_secret'
+      tenant.kb_tenant_id = 'kb_tenant_id'
+      tenant.save!
 
-    test "should get index" do
-      get :index
-      assert_response :success
+      get :show, :id => tenant.id
+      assert_response 302
+      # Clear it before we call check_no_flash_error
+      flash[:error] = nil
     end
+
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kaui
 version: !ruby/object:Gem::Version
-  version: 0.8.3
+  version: 0.8.4
 platform: ruby
 authors:
 - Killbill core team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-03-03 00:00:00.000000000 Z
+date: 2015-03-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.10.6
+        version: 0.10.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.10.6
+        version: 0.10.7
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -497,7 +497,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.6
 signing_key: 
 specification_version: 4
 summary: Killbill Admin UI mountable engine