RubyGems - maestrano-rails - Versions diffs - 0.15.4 → 1.0.0.pre.RC1 - Mend

maestrano-rails 0.15.4 → 1.0.0.pre.RC1

Files changed (202) hide show

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/rjZFcBcZBcZzhVbfMwVzSmiPIhOG3lI-TPXRAVtpN6I.cache ADDED Viewed

	@@ -0,0 +1 @@
1	+ "%h�,"x!�ň�yf_C�_��V-� G�:P�

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/smkGipMoyg_yBW7rvwuP9Ci_fdWK1w68wbhDgjEjHcw.cache ADDED Viewed

Binary file

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/smpyMrlMLm6NqLzR4-8kAty0B7CHGePCuc4KKNIU43Y.cache ADDED Viewed

	@@ -0,0 +1 @@
1	+ I"�app/assets/javascripts/pages.js?type=application/javascript&pipeline=self&id=8684badc0ff49e8476a25918bfe682f6664b4f656eeb4c497b923cc0604e457a:ET

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/spcLVj7sWjAbzSoM2eka7e_jHpvNnVKRzuuDwd0m-pQ.cache ADDED Viewed

	@@ -0,0 +1 @@
1	+ "%��h��;��*��b(��n��Gn��L

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/uESU-1lgcxaDZ5lrTLLAlg8GUd-Igwr2gRavnaveWXU.cache ADDED Viewed

Binary file

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/y66z-kCCKl0cyGdSI_hQzkRNjxRApQedRgJVTu3BuRo.cache ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ [o:Set:
2	+ @hash{ I"environment-version:ETTI"environment-paths;TTI"Zprocessors:type=application/javascript&file_type=application/javascript&pipeline=self;TTI"sfile-digest:///home/bruno/.rvm/gems/ruby-2.2.1/gems/jquery-rails-4.1.0/vendor/assets/javascripts/jquery_ujs.js;TT

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/yJMqE54-t1my_dumhIg6mamMyRx0qADs7nY7cks0l-Q.cache ADDED Viewed

	@@ -0,0 +1 @@
1	+ I"�app/assets/stylesheets/pages.css?type=text/css&pipeline=self&id=1f4c61808774a4edfb5283514dae20e34c959807edb6b8819ddd38f402562a51:ET

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/ypxuZOcRS1MWu4o3mfAWRIDDdEl4uWHuDdXkvQoohc4.cache ADDED Viewed

	@@ -0,0 +1 @@
1	+ I"�app/assets/stylesheets/pages.css?type=text/css&pipeline=self&id=29fba2d97ea0da9cf8efb3a1519b753c361b591290b9ed973e84b8b2cb498a6b:ET

data/test/dummy_activerecord/tmp/cache/sprockets/v3.0/zcBfaDXG5wGN1mPgJL8V1Y7f3VJ7zCZzS4q4zY6CkEM.cache ADDED Viewed

	@@ -0,0 +1 @@
1	+ I"�app/assets/javascripts/application.js?type=application/javascript&pipeline=self&id=8f7206dbdc8a321d9b64c58507304a071e0ae944b05674ddac4f1e3fd9fc331b:ET

data/test/generators/install_generator_test.rb CHANGED Viewed

@@ -3,38 +3,38 @@ require 'test_helper'
 class InstallGeneratorTest < Rails::Generators::TestCase
   tests Maestrano::Generators::InstallGenerator
   destination File.expand_path("../../tmp", __FILE__)
   setup do
     prepare_destination
     copy_routes
   end
   should "create the maestrano initializer" do
     run_generator
     assert_file "config/initializers/maestrano.rb"
   end
   should "create the maestrano/auth/saml_controller" do
     run_generator
     assert_file "app/controllers/maestrano/auth/saml_controller.rb"
   end
   should "create the maestrano/account/groups_controller" do
     run_generator
     assert_file "app/controllers/maestrano/account/groups_controller.rb"
   end
   should "create the maestrano/account/group_users_controller" do
     run_generator
     assert_file "app/controllers/maestrano/account/group_users_controller.rb"
   end
   should "create the maestrano routes" do
     run_generator
     match = /maestrano_routes/
     assert_file "config/routes.rb", match
   end
   def copy_routes
     routes = File.expand_path("../../test_files/config/routes.rb", __FILE__)
     destination = File.join(destination_root, "config")
@@ -42,4 +42,4 @@ class InstallGeneratorTest < Rails::Generators::TestCase
     FileUtils.mkdir_p(destination)
     FileUtils.cp routes, destination
   end
-end
+end

data/test/test_helper.rb CHANGED Viewed

@@ -30,7 +30,7 @@ class ActiveSupport::TestCase
   if TEST_ORM == :active_record
     self.use_transactional_fixtures = false
   end
   setup { DatabaseCleaner.start }
   teardown { DatabaseCleaner.clean }
 end
@@ -39,4 +39,4 @@ end
 require "rails/generators/test_case"
 require "generators/maestrano/install_generator"
 require "generators/maestrano/user_generator"
-require "generators/maestrano/group_generator"
+require "generators/maestrano/group_generator"

data/test/tmp/app/controllers/maestrano/account/group_users_controller.rb ADDED Viewed

@@ -0,0 +1,27 @@
+class Maestrano::Account::GroupUsersController < Maestrano::Rails::WebHookController
+  # DELETE /maestrano/account/groups/cld-1/users/usr-1/:tenant
+  # Remove a user from a group
+  def destroy
+    # Set the right uid based on Maestrano.param('sso.creation_mode')
+    user_uid = Maestrano.mask_user(params[:id],params[:group_id])
+    group_uid = params[:group_id]
+    tenant = params[:tenant]
+    # Perform association deletion steps here
+    # --
+    # If Maestrano.param('sso.creation_mode') is set to virtual
+    # then you might want to just delete/cancel/block the user
+    #
+    # E.g
+    # user = User.find_by_tenant_and_uid(tenant, user_uid)
+    # organization = Organization.find_by_tenant_and_uid(tenant ,group_uid)
+    #
+    # if Maestrano.param('sso.creation_mode') == 'virtual'
+    #  user.destroy
+    # else
+    #   organization.remove_user(user)
+    #   user.block_access! if user.reload.organizations.empty?
+    # end
+  end
+end

data/test/tmp/app/controllers/maestrano/account/groups_controller.rb ADDED Viewed

@@ -0,0 +1,37 @@
+class Maestrano::Account::GroupsController < Maestrano::Rails::WebHookController
+  # DELETE /maestrano/account/groups/cld-1/:tenant
+  # Delete an entire group
+  def destroy
+    group_uid = params[:id]
+    tenant = params[:tenant]
+    # Perform deletion steps here
+    # --
+    # If you need to perform a final checkout
+    # then you can call Maestrano::Account::Bill.create({.. final checkout details ..})
+    # --
+    # If Maestrano.param('sso.creation_mode') is set to virtual
+    # then you might want to delete/cancel/block all users under
+    # that group
+    # --
+    # E.g:
+    # organization = Organization.find_by_tenant_and_uid(tenant, group_uid)
+    #
+    # amount_cents = organization.calculate_total_due_remaining
+    # Maestrano::Account::Bill.create({
+    #   group_id: group_uid,
+    #   price_cents: amount_cents,
+    #   description: "Final Payout"
+    # })
+    #
+    # if Maestrano.param('sso.creation_mode') == 'virtual'
+    #   organization.members.where(provider:'maestrano').each do |user|
+    #   user.destroy
+    # end
+    #
+    # organization.destroy
+    # render json: {success: true}
+    #
+  end
+end

data/test/tmp/app/controllers/maestrano/auth/saml_controller.rb ADDED Viewed

@@ -0,0 +1,57 @@
+class Maestrano::Auth::SamlController < Maestrano::Rails::SamlBaseController
+  #== POST '/maestrano/auth/saml/consume/:tenant'
+  # Final phase of the Single Sign-On handshake. Find or create
+  # the required resources (user and group) and sign the user
+  # in
+  #
+  # This action is left to you to customize based on your application
+  # requirements. Below is presented a potential way of writing
+  # the action.
+  #
+  # Assuming you have enabled maestrano on a user model
+  # called 'User' and a group model called 'Organization'
+  # the action could be written the following way
+  def consume
+    ### 1)Find or create the user and the group
+    ### --
+    ### The class method 'find_or_create_for_maestrano' is provided
+    ### by the maestrano-rails gem on the model you have maestrano-ized.
+    ### The method uses the mapping defined in the model 'maestrano_*_via'
+    ### block to create the resource if it does not exist
+    ### The 'user_auth_hash' and 'group_auth_hash' methods are provided
+    ### by the controller.
+    ### --
+    # user = User.find_or_create_for_maestrano(user_auth_hash)
+    # organization = Organization.find_or_create_for_maestrano(group_auth_hash)
+    #
+    # user.tenant = params[:tenant]
+    # user.save
+    # organization.tenant = params[:tenant]
+    # organization.save
+    #
+    #
+    ### 2) Add the user to the group if not already a member
+    ### --
+    ### The 'user_group_rel_hash' method is provided by the controller.
+    ### The role attribute provided by maestrano is one of the following:
+    ### 'Member', 'Power User', 'Admin', 'Super Admin'
+    ### The 'member_of?' and 'add_member' methods are not provided by
+    ### maestrano and are left to you to implement on your models
+    ### --
+    # unless user.member_of?(organization)
+    #   organization.add_member(user,role: user_group_rel_hash[:role])
+    # end
+    #
+    #
+    ### Sign the user in and redirect to application root
+    ### --
+    ### The 'sign_in' method is not provided by maestrano but should already
+    ### be there if you are using an authentication framework like Devise
+    ### --
+    # sign_in(user)
+    # redirect_to root_path
+    raise NotImplemented.new("The consume action should be customized to fit your application needs")
+  end
+end

data/test/tmp/config/initializers/maestrano.rb ADDED Viewed

@@ -0,0 +1,140 @@
+Maestrano.configure do |config|
+  # ==> Environment configuration
+  # The environment to connect to.
+  # If set to 'production' then all Single Sign-On (SSO) and API requests
+  # will be made to maestrano.com
+  # If set to 'test' then requests will be made to api-sandbox.maestrano.io
+  # The api-sandbox allows you to easily test integration scenarios.
+  # More details on http://api-sandbox.maestrano.io
+  #
+  config.environment = 'test' # or 'production'
+  # ==> Application host
+  # This is your application host (e.g: my-app.com) which is ultimately
+  # used to redirect users to the right SAML url during SSO handshake.
+  #
+  config.app.host = (config.environment == 'production' ? 'https://my-app.com' : 'http://localhost:3000')
+  # ==> App ID & API key
+  # Your application App ID and API key which you can retrieve on http://maestrano.com
+  # via your cloud partner dashboard.
+  # For testing you can retrieve/generate an api.id and api.key from the API Sandbox directly
+  # on http://api-sandbox.maestrano.io
+  #
+  config.api.id = (config.environment == 'production' ? 'prod_app_id' : 'sandbox_app_id')
+  config.api.key = (config.environment == 'production' ? 'prod_api_key' : 'sandbox_api_key')
+  # ==> Single Sign-On activation
+  # Enable/Disable single sign-on. When troubleshooting authentication issues
+  # you might want to disable SSO temporarily
+  #
+  # config.sso.enabled = true
+  # ==> Single Sign-On Identity Manager
+  # By default we consider that the domain managing user identification
+  # is the same as your application host (see above config.app.host parameter)
+  # If you have a dedicated domain managing user identification and therefore
+  # responsible for the single sign-on handshake (e.g: https://idp.my-app.com)
+  # then you can specify it below
+  #
+  # config.sso.idm = (config.environment == 'production' ? 'https://idp.my-app.com' : 'http://localhost:3000')
+  # ==> SSO Initialization endpoint
+  # This is your application path to the SAML endpoint that allows users to
+  # initialize SSO authentication. Upon reaching this endpoint users your
+  # application will automatically create a SAML request and redirect the user
+  # to Maestrano. Maestrano will then authenticate and authorize the user. Upon
+  # authorization the user gets redirected to your application consumer endpoint
+  # (see below) for initial setup and/or login.
+  #
+  # The controller for this path is automatically
+  # generated when you run 'rake maestrano:install' and is available at
+  # <rails_root>/app/controllers/maestrano/auth/saml.rb
+  #
+  config.sso.init_path = '/maestrano/auth/saml/init/default'
+  # ==> SSO Consumer endpoint
+  # This is your application path to the SAML endpoint that allows users to
+  # finalize SSO authentication. During the 'consume' action your application
+  # sets users (and associated group) up and/or log them in.
+  #
+  # The controller for this path is automatically
+  # generated when you run 'rake maestrano:install' and is available at
+  # <rails_root>/app/controllers/maestrano/auth/saml.rb
+  #
+  config.sso.consume_path = '/maestrano/auth/saml/consume/default'
+  # ==> Single Logout activation
+  # Enable/Disable single logout. When troubleshooting authentication issues
+  # you might want to disable SLO temporarily.
+  # If set to false then Maestrano::SSO::Session#valid? - which should be
+  # used in a controller before filter to check user session - always return true
+  #
+  # config.sso.slo_enabled = true
+  # ==> SSO User creation mode
+  # !IMPORTANT
+  # On Maestrano users can take several "instances" of your service. You can consider
+  # each "instance" as 1) a billing entity and 2) a collaboration group (this is
+  # equivalent to a 'customer account' in a commercial world). When users login to
+  # your application via single sign-on they actually login via a specific group which
+  # is then supposed to determine which data they have access to inside your application.
+  #
+  # E.g: John and Jack are part of group 1. They should see the same data when they login to
+  # your application (employee info, analytics, sales etc..). John is also part of group 2
+  # but not Jack. Therefore only John should be able to see the data belonging to group 2.
+  #
+  # In most application this is done via collaboration/sharing/permission groups which is
+  # why a group is required to be created when a new user logs in via a new group (and
+  # also for billing purpose - you charge a group, not a user directly).
+  #
+  # == mode: 'real'
+  # In an ideal world a user should be able to belong to several groups in your application.
+  # In this case you would set the 'sso.creation_mode' to 'real' which means that the uid
+  # and email we pass to you are the actual user email and maestrano universal id.
+  #
+  # == mode: 'virtual'
+  # Now let's say that due to technical constraints your application cannot authorize a user
+  # to belong to several groups. Well next time John logs in via a different group there will
+  # be a problem: the user already exists (based on uid or email) and cannot be assigned
+  # to a second group. To fix this you can set the 'sso.creation_mode' to 'virtual'. In this
+  # mode users get assigned a truly unique uid and email across groups. So next time John logs
+  # in a whole new user account can be created for him without any validation problem. In this
+  # mode the email we assign to him looks like "usr-sdf54.cld-45aa2@mail.maestrano.com". But don't
+  # worry we take care of forwarding any email you would send to this address
+  #
+  # config.sso.creation_mode = 'real' # or 'virtual'
+  # ==> Account Webhooks
+  # Single sign on has been setup into your app and Maestrano users are now able
+  # to use your service. Great! Wait what happens when a business (group) decides to
+  # stop using your service? Also what happens when a user gets removed from a business?
+  # Well the endpoints below are for Maestrano to be able to notify you of such
+  # events.
+  #
+  # Even if the routes look restful we issue only issue DELETE requests for the moment
+  # to notify you of any service cancellation (group deletion) or any user being
+  # removed from a group.
+  #
+  # The controllers for these hooks path are automatically generated when
+  # you run 'rake maestrano:install' and is available under
+  # <rails_root>/app/controllers/maestrano/account/
+  #
+  config.webhook.account.groups_path = '/maestrano/account/groups/:id/default'
+  config.webhook.account.group_users_path = '/maestrano/account/groups/:group_id/users/:id/default'
+end
+# Example of multi-tenant configuration
+Maestrano['other-tenant'].configure do |config|
+  config.environment = 'test'
+  config.app.host = (config.environment == 'production' ? 'https://my-app.com' : 'http://localhost:3000')
+  config.api.id = (config.environment == 'production' ? 'prod_app_id' : 'sandbox_app_id')
+  config.api.key = (config.environment == 'production' ? 'prod_api_key' : 'sandbox_api_key')
+  config.sso.init_path = '/maestrano/auth/saml/init/other-tenant'
+  config.sso.consume_path = '/maestrano/auth/saml/consume/other-tenant'
+  config.webhook.account.groups_path = '/maestrano/account/groups/:id/other-tenant'
+  config.webhook.account.group_users_path = '/maestrano/account/groups/:group_id/users/:id/other-tenant'
+end

data/test/tmp/config/routes.rb ADDED Viewed

@@ -0,0 +1,60 @@
+Dummy::Application.routes.draw do
+  maestrano_routes
+  # The priority is based upon order of creation:
+  # first created -> highest priority.
+  # Sample of regular route:
+  #   match 'products/:id' => 'catalog#view'
+  # Keep in mind you can assign values other than :controller and :action
+  # Sample of named route:
+  #   match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
+  # This route can be invoked with purchase_url(:id => product.id)
+  # Sample resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+  # Sample resource route with options:
+  #   resources :products do
+  #     member do
+  #       get 'short'
+  #       post 'toggle'
+  #     end
+  #
+  #     collection do
+  #       get 'sold'
+  #     end
+  #   end
+  # Sample resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+  # Sample resource route with more complex sub-resources
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get 'recent', :on => :collection
+  #     end
+  #   end
+  # Sample resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+  # You can have the root of your site routed with "root"
+  # just remember to delete public/index.html.
+  # root :to => 'welcome#index'
+  # See how all your routes lay out with "rake routes"
+  # This is a legacy wild controller route that's not recommended for RESTful applications.
+  # Note: This route will make all actions in every controller accessible via GET requests.
+  # match ':controller(/:action(/:id))(.:format)'
+end