maestrano-rails 1.0.0 → 1.0.2

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/1Y/1YNesTg9JO8EmKnsQ5o2QuHPY1_SoBI4IzPgjGbNDtg.cache

@@ -0,0 +1 @@
+I"
�app/assets/javascripts/application.js?type=application/javascript&id=4956bec4bde2ef41030bd0fc3f486fb445d4669c08c2c7e154556a27b99a7202:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/2E/2EMDck6E8hnJgftO6NKYnFBF3I7OY1XxmBhGYJx9hVU.cache

@@ -0,0 +1 @@
+"%C6������ܦ�M=��Qu���/�,"c�5u

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/2y/2yOKmCmlo43TKFToC7sDi79zv1sEaKuRhPT-9RwLexo.cache

@@ -0,0 +1 @@
+I"}app/assets/stylesheets/application.css?type=text/css&id=b1b22d0cea5648ce45803371c746c2bcf79bd3db02e23763ea1a035b24e22ea5:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/Br/BrPxwjWI-O7aKFPR9IHgVHTz--0ve7HgO1xAHOSorxw.cache

@@ -0,0 +1 @@
+"%xJ�g&k��"��U���m��X�V�;Fj

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/GX/GXBrspUeZnBiwFADWDaNmSYt9wkavup0id1nDW51SwI.cache

@@ -0,0 +1,3 @@
+[o:Set:
+@hash{
+I"environment-version:ETTI"environment-paths;TTI"rails-env;TTI"Zprocessors:type=application/javascript&file_type=application/javascript&pipeline=self;TTI"ofile-digest:///home/bruno/.rvm/gems/ruby-2.2.5/gems/jquery-rails-4.2.2/vendor/assets/javascripts/jquery.js;TT

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/J7/J7Oklw3hOELd9594tXtFa2w66T4_zffVHzJ8TfX9uwc.cache

@@ -0,0 +1 @@
+I"}app/assets/stylesheets/application.css?type=text/css&id=6c90dbc7aa88f45057b3068ff27f73ede5b0901db39f36077794d52f683425af:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/Lg/LgG4iMjI9pzWwqLjXp3JvB3xs8j14SUJzG4eRCYOWrU.cache

@@ -0,0 +1 @@
+I"
�/home/bruno/.rvm/gems/ruby-2.3.1/gems/jquery-rails-4.2.2/vendor/assets/javascripts/jquery.js?type=application/javascript&pipeline=self&id=03f3de24261a7de4de17340cd6b747bc40433856d7aaed331b2bec91e2d62ad4:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/MJ/MJ2lcrIryOfzt2cWGx3d8LeFOJoLuIAlrL7SCdGMaik.cache

@@ -0,0 +1 @@
+I"
�/home/bruno/.rvm/gems/ruby-2.2.5/gems/jquery-rails-4.2.2/vendor/assets/javascripts/jquery_ujs.js?type=application/javascript&pipeline=self&id=3b627ce5e981d0d20ac62579499caa5da37fc717e6e33e34e7c2ea3e1cd06ec4:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/Oa/OaJik9XhKBzY7AT4At2irZpA2GTHO3p4_hUa1ORSzjc.cache

@@ -0,0 +1 @@
+I"
�app/assets/stylesheets/pages.css?type=text/css&pipeline=self&id=5fe282f8c041cf39665bcf1bd06160801627a49dffe5e1773965debafd14a276:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/VO/VOqmZhoZgNGgBPBfKq2xsc37yyNBBqntTUWteHs1VVc.cache

@@ -0,0 +1 @@
+I"
�/home/bruno/.rvm/gems/ruby-2.2.5/gems/jquery-rails-4.2.2/vendor/assets/javascripts/jquery.js?type=application/javascript&pipeline=self&id=a1edac6d7059f4ba0b20a4599c371db9e970344f618f697f87c851bdd148296d:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/Vl/VlVHSjm74GkjWDuZlfcI6KAaQ9xjg8meWAssVwt-YMI.cache

@@ -0,0 +1 @@
+"%uW��l��j��Z�xU��>�?]��pc��s

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/Vt/VtysXvEqJf4LwL6kuKUSWHZbeR_jKoYj_z1L99d5Yzk.cache

@@ -0,0 +1 @@
+I"
�app/assets/javascripts/application.js?type=application/javascript&pipeline=self&id=89d26aa586cfb648307c87b23ccf13971251f6b71ba3cdf5933aa7d2b52d3913:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/W_/W_AqS_Ihb1uBTP5eubT7Ep7vc3CcoUzol5J0T4xQsL0.cache

@@ -0,0 +1 @@
+I"
�app/assets/stylesheets/application.css?type=text/css&pipeline=self&id=47bec25081299e8e51978cb97cde72312cf393ba7acf9a7a324d075126fbb502:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/Yc/YcfvUdqaxEInuhPH8QMPNyhWsGLwtIx76o-tR_VUc_0.cache

@@ -0,0 +1 @@
+I"
�/home/bruno/.rvm/gems/ruby-2.3.1/gems/jquery-rails-4.2.2/vendor/assets/javascripts/jquery_ujs.js?type=application/javascript&pipeline=self&id=df1277523069abfa5b1557a89d84fb9b79f764ee30a903349a3aba4b1a05394b:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/_S/_SiC-nT_xG9vCIPkHUmC7GfAGNufVJLYqHQ4vQLOjvs.cache

@@ -0,0 +1 @@
+I"
�app/assets/javascripts/application.js?type=application/javascript&pipeline=self&id=44c544dfd20ea18f6046d68133ce04e2fc422cde45bbef6c3118e5f4afd0ed6e:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/dp/dplQ3jBb_bBGoJ4xMRKxYbJR5YoZjuyamwFopJb07Xo.cache

@@ -0,0 +1,3 @@
+[o:Set:
+@hash}
+I"environment-version:ETTI"environment-paths;TTI"rails-env;TTI"Zprocessors:type=application/javascript&file_type=application/javascript&pipeline=self;TTI"sfile-digest:///home/bruno/.rvm/gems/ruby-2.3.1/gems/jquery-rails-4.2.2/vendor/assets/javascripts/jquery_ujs.js;TTF

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/eZ/eZWyKd8Y-LcqrovIoB-YJiklulQC0CGG0d22eCJcYuU.cache

@@ -0,0 +1 @@
+"%uW��l��j��Z�xU��>�?]��pc��s

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/em/emPaz2829mOOQZolLXyEoXP73X44t4p-YUUA763b_1k.cache

@@ -0,0 +1 @@
+I"
�app/assets/javascripts/pages.js?type=application/javascript&pipeline=self&id=bc521424c58698c5a076e1bd49d89b228caa78a9a19e75b130af073584b06308:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/fk/fkliCI8v5fyy_CObCj5Va9hEnO4JqIPX6WBhUYUJS4k.cache

@@ -0,0 +1 @@
+"%xJ�g&k��"��U���m��X�V�;Fj

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/hk/hkWnysQ9aaUtcEVLGt9gkfzIPrFfFqnR1P4LlriYD40.cache

@@ -0,0 +1 @@
+I"
�app/assets/stylesheets/pages.css?type=text/css&pipeline=self&id=d5611ecf8d9cf969495e33b9d646463e0eb0a408225c0db609a31c9f7ae2ef69:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/jK/jK6-bONOghUmAYu3DkuJ2MLIlLa8P9kbTE3tc1wBheg.cache

@@ -0,0 +1 @@
+I"
�app/assets/javascripts/pages.js?type=application/javascript&pipeline=self&id=4ff005ba9515424185c5dc3160f65b4c72e6b062da2166461aa362ce12ef44bf:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/kQ/kQZfXHFhuNUcLTvh4QzLL6fKDZc-8XkwCwT8eMIW8ns.cache

@@ -0,0 +1 @@
+"%C6������ܦ�M=��Qu���/�,"c�5u

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/my/mybo3dsRj5MFU0orUFY47lfsYuIuBB_KL1Z4aNANxYI.cache

@@ -0,0 +1 @@
+I"
�app/assets/stylesheets/application.css?type=text/css&pipeline=self&id=a61a07e813e5b61cacad673b337b2325af07bc3b4a9f430760eb98fbcff2b45f:ET

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/qo/qob9eyRuMnynEh3V1dqTC-rEE-j5mOlG7t6EamNVBFY.cache

@@ -0,0 +1,3 @@
+[o:Set:
+@hash}
+I"environment-version:ETTI"environment-paths;TTI"rails-env;TTI"Zprocessors:type=application/javascript&file_type=application/javascript&pipeline=self;TTI"ofile-digest:///home/bruno/.rvm/gems/ruby-2.3.1/gems/jquery-rails-4.2.2/vendor/assets/javascripts/jquery.js;TTF

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/rm/rmsobLUxsQY2_hRp-ygb9dlbdoHpFlV6FMPnhxqpA1k.cache

@@ -0,0 +1,3 @@
+[o:Set:
+@hash{
+I"environment-version:ETTI"environment-paths;TTI"rails-env;TTI"Zprocessors:type=application/javascript&file_type=application/javascript&pipeline=self;TTI"sfile-digest:///home/bruno/.rvm/gems/ruby-2.2.5/gems/jquery-rails-4.2.2/vendor/assets/javascripts/jquery_ujs.js;TT

data/test/dummy_activerecord/tmp/cache/assets/sprockets/v3.0/sm/sm0X5aOvu10an00TtKAEtdF3Wpi08DQrHKEe3XXNHtk.cache

@@ -0,0 +1 @@
+I"
�app/assets/javascripts/application.js?type=application/javascript&id=463aa6f05a83fffc5766a6d1b3836129b43711061d2d4f16f2aabaa64127fa42:ET

data/test/dummy_mongoid/config/initializers/maestrano.rb

@@ -1,85 +1,7 @@
-# Use this block to configure the behaviour of Maestrano
-# in your app
-Maestrano.configure do |config|
-  
-  # ==> Environment configuration
-  # The environment to connect to.
-  # If set to 'production' then all Single Sign-On (SSO) and API requests
-  # will be made to maestrano.com
-  # If set to 'test' then requests will be made to api-sandbox.maestrano.io
-  # The api-sandbox allows you to easily test integration scenarios.
-  # More details on http://api-sandbox.maestrano.io
-  config.environment = Rails.env.production? ? 'production' : 'test'
-  
-  # ==> App ID & API key
-  # Your application App ID and API key which you can retrieve on http://maestrano.com
-  # via your cloud partner dashboard.
-  # For testing you can retrieve/generate an api_key from the API Sandbox directly 
-  # on http://api-sandbox.maestrano.io
-  config.app_id = Rails.env.production? ? 'prod_app_id' : 'sandbox_app_id'
-  config.api_key = Rails.env.production? ? 'prod_api_key' : 'sandbox_api_key'
-  
-  # ==> Single Sign-On activation
-  # Enable/Disable single sign-on. When troubleshooting authentication issues
-  # you might want to disable SSO temporarily
-  config.sso_enabled = true
-  
-  # ==> Application host
-  # This is your application host (e.g: mysuperapp.com) which is ultimately
-  # used to redirect users to the right SAML url during SSO handshake.
-  config.app_host = Rails.env.production? ? 'https://my-production-app.com' : 'http://localhost::3000'
-  
-  # ==> SSO Initialization endpoint
-  # This is your application path to the SAML endpoint that allows users to
-  # initialize SSO authentication. Upon reaching this endpoint users your
-  # application will automatically create a SAML request and redirect the user
-  # to Maestrano. Maestrano will then authenticate and authorize the user. Upon
-  # authorization the user gets redirected to your application consumer endpoint
-  # (see below) for initial setup and/or login.
-  # The controller for this path is automatically
-  # generated when you run 'rake maestrano:install' and is available at
-  # <rails_root>/app/controllers/maestrano/auth/saml.rb
-  config.sso_app_init_path = '/maestrano/auth/saml/init'
-  
-  # ==> SSO Consumer endpoint
-  # This is your application path to the SAML endpoint that allows users to
-  # finalize SSO authentication. During the 'consume' action your application
-  # sets users (and associated group) up and/or log them in.
-  # The controller for this path is automatically
-  # generated when you run 'rake maestrano:install' and is available at
-  # <rails_root>/app/controllers/maestrano/auth/saml.rb
-  config.sso_app_consume_path = '/maestrano/auth/saml/consume'
-  
-  # ==> SSO User creation mode
-  # !IMPORTANT
-  # On Maestrano users can take several "instances" of your service. You can consider
-  # each "instance" as 1) a billing entity and 2) a collaboration group (this is
-  # equivalent to a 'customer account' in a commercial world). When users login to
-  # your application via single sign-on they actually login via a specific group which
-  # is then supposed to determine which data they have access to inside your application.
-  #
-  # E.g: John and Jack are part of group 1. They should see the same data when they login to
-  # your application (employee info, analytics, sales etc..). John is also part of group 2 
-  # but not Jack. Therefore only John should be able to see the data belonging to group 2.
-  #
-  # In most application this is done via collaboration/sharing/permission groups which is
-  # why a group is required to be created when a new user logs in via a new group (and 
-  # also for billing purpose - you charge a group, not a user directly). 
-  #
-  # == mode: 'real'
-  # In an ideal world a user should be able to belong to several groups in your application.
-  # In this case you would set the 'sso.creation_mode' to 'real' which means that the uid
-  # and email we pass to you are the actual user email and maestrano universal id.
-  #
-  # == mode: 'virtual'
-  # Now let's say that due to technical constraint your application cannot authorize a user
-  # to belong to several groups. Well next time John logs in via a different group there will
-  # be a problem: the user already exists (based on uid or email) and cannot be assigned 
-  # to a second group. To fix this you can set the 'sso.creation_mode' to 'virtual'. In this
-  # mode users get assigned a truly unique uid and email across groups. So next time John logs
-  # in a whole new user account can be created for him without any validation problem. In this
-  # mode the email we assign to him looks like "usr-sdf54.cld-45aa2@mail.maestrano.com". But don't
-  # worry we take care of forwarding any email you would send to this address
-  #
-  config.sso.creation_mode = 'virtual' # or 'real'
-end
+if Rails.env.test?
+  Maestrano.configure do |config|
+    config.environment = 'local'
+  end
+else
+  Maestrano.auto_configure
+end

data/test/tmp/app/controllers/maestrano/account/group_users_controller.rb

@@ -0,0 +1,27 @@
+class Maestrano::Account::GroupUsersController < Maestrano::Rails::WebHookController
+
+  # DELETE /maestrano/account/groups/cld-1/users/usr-1/:tenant
+  # Remove a user from a group
+  def destroy
+    # Set the right uid based on Maestrano.param('sso.creation_mode')
+    user_uid = Maestrano.mask_user(params[:id],params[:group_id]) 
+    group_uid = params[:group_id]
+    tenant = params[:tenant]
+    
+    # Perform association deletion steps here
+    # --
+    # If Maestrano.param('sso.creation_mode') is set to virtual
+    # then you might want to just delete/cancel/block the user
+    #
+    # E.g
+    # user = User.find_by_tenant_and_uid(tenant, user_uid)
+    # organization = Organization.find_by_tenant_and_uid(tenant ,group_uid)
+    # 
+    # if Maestrano.param('sso.creation_mode') == 'virtual'
+    #  user.destroy
+    # else
+    #   organization.remove_user(user)
+    #   user.block_access! if user.reload.organizations.empty?
+    # end
+  end
+end

data/test/tmp/app/controllers/maestrano/account/groups_controller.rb

@@ -0,0 +1,37 @@
+class Maestrano::Account::GroupsController < Maestrano::Rails::WebHookController
+  
+  # DELETE /maestrano/account/groups/cld-1/:tenant
+  # Delete an entire group
+  def destroy
+    group_uid = params[:id]
+    tenant = params[:tenant]
+    
+    # Perform deletion steps here
+    # --
+    # If you need to perform a final checkout
+    # then you can call Maestrano::Account::Bill.create({.. final checkout details ..})
+    # --
+    # If Maestrano.param('sso.creation_mode') is set to virtual
+    # then you might want to delete/cancel/block all users under
+    # that group
+    # --
+    # E.g:
+    # organization = Organization.find_by_tenant_and_uid(tenant, group_uid)
+    #
+    # amount_cents = organization.calculate_total_due_remaining
+    # Maestrano::Account::Bill.create({
+    #   group_id: group_uid, 
+    #   price_cents: amount_cents, 
+    #   description: "Final Payout"
+    # })
+    # 
+    # if Maestrano.param('sso.creation_mode') == 'virtual'
+    #   organization.members.where(provider:'maestrano').each do |user|
+    #   user.destroy
+    # end
+    #
+    # organization.destroy
+    # render json: {success: true}
+    #
+  end
+end

data/test/tmp/app/controllers/maestrano/auth/saml_controller.rb

@@ -0,0 +1,57 @@
+class Maestrano::Auth::SamlController < Maestrano::Rails::SamlBaseController
+  
+  #== POST '/maestrano/auth/saml/consume/:tenant'
+  # Final phase of the Single Sign-On handshake. Find or create
+  # the required resources (user and group) and sign the user
+  # in
+  #
+  # This action is left to you to customize based on your application
+  # requirements. Below is presented a potential way of writing 
+  # the action.
+  #
+  # Assuming you have enabled maestrano on a user model
+  # called 'User' and a group model called 'Organization'
+  # the action could be written the following way
+  def consume
+    ### 1)Find or create the user and the group
+    ### --
+    ### The class method 'find_or_create_for_maestrano' is provided
+    ### by the maestrano-rails gem on the model you have maestrano-ized.
+    ### The method uses the mapping defined in the model 'maestrano_*_via' 
+    ### block to create the resource if it does not exist
+    ### The 'user_auth_hash' and 'group_auth_hash' methods are provided
+    ### by the controller.
+    ### --
+    # user = User.find_or_create_for_maestrano(user_auth_hash)
+    # organization = Organization.find_or_create_for_maestrano(group_auth_hash)
+    #
+    # user.tenant = params[:tenant]
+    # user.save
+    # organization.tenant = params[:tenant]
+    # organization.save
+    #
+    #
+    ### 2) Add the user to the group if not already a member
+    ### --
+    ### The 'user_group_rel_hash' method is provided by the controller.
+    ### The role attribute provided by maestrano is one of the following: 
+    ### 'Member', 'Power User', 'Admin', 'Super Admin'
+    ### The 'member_of?' and 'add_member' methods are not provided by 
+    ### maestrano and are left to you to implement on your models
+    ### --
+    # unless user.member_of?(organization)
+    #   organization.add_member(user,role: user_group_rel_hash[:role])
+    # end
+    #
+    #
+    ### Sign the user in and redirect to application root
+    ### --
+    ### The 'sign_in' method is not provided by maestrano but should already
+    ### be there if you are using an authentication framework like Devise
+    ### --
+    # sign_in(user)
+    # redirect_to root_path
+    
+    raise NotImplemented.new("The consume action should be customized to fit your application needs")
+  end
+end

data/test/tmp/config/initializers/maestrano.rb

@@ -0,0 +1,7 @@
+if Rails.env.test?
+  Maestrano.configure do |config|
+    config.environment = 'local'
+  end
+else
+  Maestrano.auto_configure
+end

data/test/tmp/config/routes.rb

@@ -0,0 +1,60 @@
+Dummy::Application.routes.draw do
+  maestrano_routes
+
+  # The priority is based upon order of creation:
+  # first created -> highest priority.
+
+  # Sample of regular route:
+  #   match 'products/:id' => 'catalog#view'
+  # Keep in mind you can assign values other than :controller and :action
+
+  # Sample of named route:
+  #   match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
+  # This route can be invoked with purchase_url(:id => product.id)
+
+  # Sample resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+
+  # Sample resource route with options:
+  #   resources :products do
+  #     member do
+  #       get 'short'
+  #       post 'toggle'
+  #     end
+  #
+  #     collection do
+  #       get 'sold'
+  #     end
+  #   end
+
+  # Sample resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+
+  # Sample resource route with more complex sub-resources
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get 'recent', :on => :collection
+  #     end
+  #   end
+
+  # Sample resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+
+  # You can have the root of your site routed with "root"
+  # just remember to delete public/index.html.
+  # root :to => 'welcome#index'
+
+  # See how all your routes lay out with "rake routes"
+
+  # This is a legacy wild controller route that's not recommended for RESTful applications.
+  # Note: This route will make all actions in every controller accessible via GET requests.
+  # match ':controller(/:action(/:id))(.:format)'
+end