mno-enterprise-api 3.2.1 → 3.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c4af564651978ad7e0b8cbfc14396527b4f2ae32
-  data.tar.gz: bac51a82bde96469c7e137de592b14e71cee1797
+  metadata.gz: 0d1fc05e6d511ddaa9c90ac0eadcfa98f34164be
+  data.tar.gz: 7cd5ece7aef6ec8bedadb102135c9e1aae7de800
 SHA512:
-  metadata.gz: d401dac86e28a8ea2a2c2ec7a8abcc359a11474991172525fe52d8d6fead4cbd29664a3ef7ca1cc9bd550d7f960a0d8fc0c8674f832e725dc2584848e7ab22f3
-  data.tar.gz: e2a50c14be1666f8595b1e007848808ff01ca7eaaa1a696369c1e198a88ccb7bdf776cb60d875f1c8e2bb2f9dd3fa54956e038108fce16b445126fd13124b5e3
+  metadata.gz: e50da83dcdacab9f7e2a4c51a538a00e885a4360c5bb4c40335f635e357c8e67474638c7b4fffaea4f8b13be69ef7a577173d22a3722f305ac39f5290f7aa386
+  data.tar.gz: 04d2713f52f2bdb25d6605b8a9243e3b313e661aebf457cf4af81976ab9d3d74ba30f7952cd054eb6181d94d261dbb9da29713d24369fc6302975e795691c72f

data/app/assets/javascripts/mno_enterprise/config.js.coffee.erb

@@ -11,8 +11,16 @@ angular.module('mnoEnterprise.configuration', [])
   .constant('PRICING_CONFIG', <%= Hash(Settings.pricing).to_json %>)
   .constant('DOCK_CONFIG', <%= Hash(Settings.dock).to_json %>)
   .constant('DEVELOPER_SECTION_CONFIG', <%= Hash(Settings.developer).to_json %>)
+  .constant('ONBOARDING_WIZARD_CONFIG', <%= Hash(Settings.onboarding_wizard).to_json %>)
   .constant('REVIEWS_CONFIG', <%= Hash(Settings.reviews).to_json %>)
+  .constant('QUESTIONS_CONFIG', <%= Hash(Settings.questions).to_json %>)
   .constant('MARKETPLACE_CONFIG', <%= Hash(Settings.marketplace).to_json %>)
+  .constant('ADMIN_PANEL_CONFIG', <%= Hash(Settings.admin_panel).to_json %>)
+  .constant('PAYMENT_CONFIG', <%= Hash(Settings.payment).to_json %>)
+  .constant('ORGANIZATION_MANAGEMENT', <%= Hash(Settings.organization_management).to_json %>)
+  .constant('USER_MANAGEMENT', <%= Hash(Settings.user_management).to_json %>)
+  .constant('AUDIT_LOG', <%= Hash(Settings.audit_log).to_json %>)
   .constant('GOOGLE_TAG_CONTAINER_ID', <%= MnoEnterprise.google_tag_container.to_json %>)
   .constant('INTERCOM_ID', <%= MnoEnterprise.intercom_app_id.to_json %>)
   .constant('APP_NAME', <%= MnoEnterprise.app_name.to_json %>)
+  .constant('URL_CONFIG', <%= Hash(Settings.url_config).to_json %>)

data/app/controllers/mno_enterprise/admin/invoices_controller.rb

@@ -0,0 +1,18 @@
+module MnoEnterprise
+  class Admin::InvoicesController < MnoEnterprise::Jpi::V1::Admin::BaseResourceController
+    # GET /mnoe/invoices/201504-NU4
+    def show
+      @invoice = MnoEnterprise::Invoice.where(slug: params[:id].upcase).reload.first
+
+      respond_to do |format|
+        if @invoice
+          filename = "Invoice - #{@invoice.slug}.pdf"
+          pdf_view = MnoEnterprise::InvoicePdf.new(@invoice).render
+          format.html { send_data pdf_view, filename: filename, type: "application/pdf", disposition: 'inline'  }
+        else
+          format.html { redirect_to root_path, alert: 'Sorry, the page requested could not be displayed' }
+        end
+      end
+    end
+  end
+end

data/app/controllers/mno_enterprise/impersonate_controller.rb

@@ -15,7 +15,11 @@ module MnoEnterprise
       else
         flash[:notice] = "User doesn't exist"
       end
-      redirect_to mnoe_home_path
+
+      path = mnoe_home_path
+      path = add_param_to_fragment(path, 'dhbRefId', params[:dhbRefId]) if params[:dhbRefId].present?
+
+      redirect_to path
     end
 
     # Revert the user impersonation

data/app/controllers/mno_enterprise/jpi/v1/admin/audit_events_controller.rb

@@ -1,3 +1,4 @@
+require 'csv'
 module MnoEnterprise
   class Jpi::V1::Admin::AuditEventsController < Jpi::V1::Admin::BaseResourceController
 
@@ -11,6 +12,14 @@ module MnoEnterprise
       @audit_events = @audit_events.all.fetch
 
       response.headers['X-Total-Count'] = @audit_events.metadata[:pagination][:count]
+
+      respond_to do |format|
+        format.json
+        format.csv do
+          headers['Content-Disposition'] = 'attachment; filename="audit-log.csv"'
+          headers['Content-Type'] ||= 'text/csv'
+        end
+      end
     end
   end
 end

data/app/controllers/mno_enterprise/jpi/v1/admin/users_controller.rb

@@ -29,7 +29,6 @@ module MnoEnterprise
     # POST /mnoe/jpi/v1/admin/users
     def create
       @user = MnoEnterprise::User.build(user_create_params)
-      @user.admin_role = params[:user][:admin_role].presence
 
       if @user.save
         render :show
@@ -40,6 +39,7 @@ module MnoEnterprise
 
     # PATCH /mnoe/jpi/v1/admin/users/:id
     def update
+      # TODO: replace with authorize/ability
       if current_user.admin_role == "admin"
         @user = MnoEnterprise::User.find(params[:id])
         @user.update(user_params)
@@ -79,9 +79,15 @@ module MnoEnterprise
     end
 
     def user_create_params
-      params.require(:user).permit(:name, :surname, :email, :phone).merge(
-        password: 'Password1',
-        confirmed_at: Time.zone.now
+      attrs = [:name, :surname, :email, :phone]
+
+      # TODO: replace with authorize/ability
+      if current_user.admin_role == "admin"
+        attrs << :admin_role
+      end
+
+      params.require(:user).permit(attrs).merge(
+        password: Devise.friendly_token.first(12)
       )
     end
   end

data/app/controllers/mno_enterprise/jpi/v1/audit_events_controller.rb

@@ -0,0 +1,28 @@
+module MnoEnterprise
+  class Jpi::V1::AuditEventsController < Jpi::V1::BaseResourceController
+
+    # GET /mnoe/jpi/v1/admin/audit_events
+    def index
+      @organization = MnoEnterprise::Organization.find(params.require(:organization_id))
+
+      authorize! :administrate, @organization
+
+      @audit_events = MnoEnterprise::AuditEvent.where(organization_id: @organization.id)
+      @audit_events = @audit_events.limit(params[:limit]) if params[:limit]
+      @audit_events = @audit_events.skip(params[:offset]) if params[:offset]
+      @audit_events = @audit_events.order_by(params[:order_by]) if params[:order_by]
+      @audit_events = @audit_events.where(params[:where]) if params[:where]
+      @audit_events = @audit_events.all.fetch
+
+      response.headers['X-Total-Count'] = @audit_events.metadata[:pagination][:count]
+
+      respond_to do |format|
+        format.json
+        format.csv do
+          headers['Content-Disposition'] = 'attachment; filename="audit-log.csv"'
+          headers['Content-Type'] ||= 'text/csv'
+        end
+      end
+    end
+  end
+end

data/app/controllers/mno_enterprise/jpi/v1/base_resource_controller.rb

@@ -1,7 +1,7 @@
 module MnoEnterprise
   class Jpi::V1::BaseResourceController < ApplicationController
     before_filter :check_authorization
-    
+
     protected
 
       def timestamp

data/app/controllers/mno_enterprise/webhook/events_controller.rb

@@ -0,0 +1,7 @@
+module MnoEnterprise
+  # The object received on this controller looks like  Parameters: {"event"=>"", "object"=>{}, "metadata"={}}
+  class Webhook::EventsController < ApplicationController
+    include MnoEnterprise::Concerns::Controllers::Webhook::EventsController
+    # You can easily overwrite/extend this concern by inserting the code here
+  end
+end

data/app/views/mno_enterprise/auth/confirmations/lounge.html.haml

@@ -1,32 +1,33 @@
-.banners.promo.dark.darkblue.confirmation-lounge
+.registration
   .container
     .row
-      .col-md-8.col-md-offset-2
-        .row
-          .align-center
-            %i.fa.fa-envelope
-            %h4= t('mno_enterprise.auth.confirmations.lounge.title')
-            %h5= t('mno_enterprise.auth.confirmations.lounge.subtitle')
-
+      .login-box-wrapper
+        .login-box-title
+          %h2= t('mno_enterprise.auth.confirmations.lounge.title')
+        .login-box
+          .brand-logo
+          %form
+            %label{ :style => "font-weight: normal;"}= t('mno_enterprise.auth.confirmations.lounge.subtitle')
           %div{ 'ng-init' => "email = '#{@resource.email}'"}
-            = form_for(@resource, :as => resource_name, :url => mno_enterprise.user_confirmation_path, :html => { 'name' => 'form', :class => 'dark form-horizontal', :autocomplete => "off" }) do |f|
+            = form_for(@resource, :as => resource_name, :url => mno_enterprise.user_confirmation_path, :html => { 'name' => 'form', class: 'form-horizontal', :autocomplete => "off" }) do |f|
+
               - unless devise_error_messages!.empty?
-                %div
+                .row
                   .alert.alert-error
-                    %button.close{ 'data-dismiss' => "alert" } ×
+                    %button.close ×
                     = devise_error_messages!
               .spacer2
-              .form-group
-                .col-sm-6.col-sm-offset-2
-                  .input-prepend
-                    = f.email_field :email, :placeholder => "Email", :required => true, 'ng-model' => 'email', :class => 'input-xlarge'
-                .col-sm-2
-                  %button{ :class => "btn btn-lg btn-warning", :type => "submit", 'ng-click' => 'hasClicked = true', 'ng-disabled' => 'form.$invalid', 'ng-hide' => 'hasClicked' }= t('mno_enterprise.auth.confirmations.lounge.resend')
-                  %img{ class: 'loader-sm', 'ng-src' => asset_path('mno_enterprise/loader-32x32-bg-main.gif'), 'ng-show' => 'hasClicked' }
-
-    .spacer2
-    .row
-      .col-md-12
-        .align-center
-          %h5
-            = t('mno_enterprise.auth.confirmations.lounge.support_tip_html', email: mail_to(support_email, t('mno_enterprise.auth.confirmations.lounge.support_team'), subject: t('mno_enterprise.auth.confirmations.lounge.support_email_subject')))
+              %hr
+              .form-horizontal
+                .row
+                  .text-center
+                    .col-sm-12
+                      %label{ :style => "font-weight: normal;"}= t('mno_enterprise.auth.confirmations.lounge.resend.description')
+                    .col-sm-12
+                      = f.email_field :email, :placeholder => "Email", :required => true, 'ng-model' => 'email', :class => 'form-control'
+                %br
+                .row
+                  .col-sm-12
+                    .text-center
+                      %button{ :class => "btn btn-warning", :type => "submit", 'ng-click' => 'hasClicked = true', 'ng-disabled' => 'form.$invalid', 'ng-hide' => 'hasClicked' }= t('.resend.button')
+                      %img.ng-hide{ 'ng-src' => asset_path('mno_enterprise/loader-32x32-bg-inverse.gif'), 'ng-show' => 'hasClicked' }

data/app/views/mno_enterprise/jpi/v1/admin/audit_events/_audit_event.json.jbuilder

@@ -1,4 +1,4 @@
-json.extract! audit_event, :id, :key, :user_id, :description, :created_at, :user
+json.extract! audit_event, :id, :key, :user_id, :description, :created_at, :user, :organization
 
 if audit_event.formatted_details.present?
   json.details audit_event.formatted_details

data/app/views/mno_enterprise/jpi/v1/admin/audit_events/index.csv.erb

@@ -0,0 +1,14 @@
+<%- headers = ['Date', 'User', 'User email', 'Organization', 'Organization Name', 'Action', 'Description', 'Details'] -%>
+<%= CSV.generate_line headers -%>
+<%- @audit_events.each do |event| -%>
+<%= CSV.generate_line([
+  event.created_at,
+  event.user[:name],
+  event.user[:email],
+  event.organization_id,
+  event.organization[:name],
+  event.key,
+  event.description,
+  event.formatted_details.present? ? %{#{event.formatted_details}} : event.metadata
+]).html_safe -%>
+<%- end -%>

data/app/views/mno_enterprise/jpi/v1/admin/organizations/_invoices.json.jbuilder

@@ -4,5 +4,6 @@ json.invoices do
     json.ended_at invoice.ended_at
     json.amount AccountingjsSerializer.serialize(invoice.total_due)
     json.paid invoice.paid?
+    json.link mno_enterprise.admin_invoice_path(invoice.slug)
   end
 end

data/app/views/mno_enterprise/jpi/v1/admin/organizations/_organization.json.jbuilder

@@ -1 +1 @@
-json.extract! organization, :id, :name, :uid, :soa_enabled, :created_at
+json.extract! organization, :id, :name, :uid, :soa_enabled, :created_at, :account_frozen

data/app/views/mno_enterprise/jpi/v1/admin/users/show.json.jbuilder

@@ -5,6 +5,7 @@ json.user do
     json.id org.id
     json.uid org.uid
     json.name org.name
+    json.account_frozen org.account_frozen
     json.created_at org.created_at
   end
 end

data/app/views/mno_enterprise/jpi/v1/audit_events/_audit_event.json.jbuilder

@@ -0,0 +1,5 @@
+json.extract! audit_event, :id, :key, :user_id, :description, :created_at, :user
+
+if audit_event.formatted_details.present?
+  json.details audit_event.formatted_details
+end

data/app/views/mno_enterprise/jpi/v1/audit_events/index.csv.erb

@@ -0,0 +1,12 @@
+<%- headers = ['Date', 'User', 'User email', 'Action', 'Description', 'Details'] -%>
+<%= CSV.generate_line headers -%>
+<%- @audit_events.each do |event| -%>
+<%= CSV.generate_line([
+  event.created_at,
+  event.user[:name],
+  event.user[:email],
+  event.key,
+  event.description,
+  event.formatted_details.present? ? %{#{event.formatted_details}} : event.metadata
+]).html_safe -%>
+<%- end -%>

data/app/views/mno_enterprise/jpi/v1/audit_events/index.json.jbuilder

@@ -0,0 +1,4 @@
+json.audit_events do
+  json.array! @audit_events, partial: 'audit_event', as: :audit_event
+end
+json.metadata @audit_events.metadata

data/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder

@@ -27,7 +27,7 @@ json.cache! ['v1', @user.cache_key] do
     # Embed association if user is persisted
     if @user.id
       json.organizations do
-        json.array! (@user.organizations || []) do |o|
+        json.array! (@user.organizations.active || []) do |o|
           json.id o.id
           json.uid o.uid
           json.name o.name

data/app/views/mno_enterprise/jpi/v1/impac/kpis/_kpi.json.jbuilder

@@ -1,4 +1,4 @@
 json.ignore_nil!
 json.extract! kpi, :id, :element_watched, :endpoint, :source, :targets, :settings, :extra_watchables, :extra_params
 
-json.alerts kpi.alerts, partial: 'mno_enterprise/jpi/v1/impac/alerts/alert', as: :alert
+json.alerts kpi.alerts, partial: 'mno_enterprise/jpi/v1/impac/alerts/alert', as: :alert if kpi.alerts.any?

data/app/views/mno_enterprise/jpi/v1/impac/widgets/_widget.json.jbuilder

@@ -1,6 +1,8 @@
 json.id widget.id
 json.name widget.name
-json.category widget.widget_category
+json.endpoint (widget.endpoint || widget.widget_category)
 json.width widget.width
 json.metadata widget.settings
 json.owner widget.owner
+
+json.kpis widget.kpis, partial: 'mno_enterprise/jpi/v1/impac/kpis/kpi', as: :kpi

data/app/views/mno_enterprise/jpi/v1/marketplace/_app.json.jbuilder

@@ -1,7 +1,9 @@
 json.extract! app, :id, :nid, :name, :stack, :key_benefits, :categories, :tags, :tiny_description,
-              :testimonials, :pictures, :pricing_plans, :rank
+              :testimonials, :pictures, :pricing_plans, :rank, :support_url, :key_workflows, :key_features
 
 json.description markdown(app.sanitized_description)
+json.known_limitations markdown(app.known_limitations)
+json.getting_started markdown(app.getting_started)
 
 json.is_responsive app.responsive?
 json.is_star_ready app.star_ready?
@@ -11,8 +13,15 @@ json.single_billing app.single_billing?
 json.multi_instantiable app.multi_instantiable
 json.subcategories app.subcategories
 json.average_rating app.average_rating
+json.add_on app.add_on?
 json.running_instances_count app.running_instances_count
 
+json.shared_entities do
+  json.array! app.shared_entities do |shared_entity|
+    json.extract! shared_entity, :shared_entity_nid, :shared_entity_name, :write, :read
+  end
+end if app.shared_entities.any?
+
 if app.logo
   json.logo app.logo.to_s
 end

data/app/views/mno_enterprise/jpi/v1/organizations/_organization.json.jbuilder

@@ -1,4 +1,4 @@
-json.extract! organization, :id, :name, :soa_enabled, :payment_restriction #, :current_support_plan
+json.extract! organization, :id, :name, :soa_enabled, :payment_restriction, :account_frozen #, :current_support_plan
 # json.show_new_db_features !!organization.get_meta_data(:show_new_db_features)
 # if organization.support_plan
 #   json.custom_training_credits organization.support_plan.custom_training_credits

data/app/views/mno_enterprise/webhook/o_auth/authorize.html.haml

@@ -4,7 +4,7 @@
     .row
       .col-md-6.text-center.col-md-offset-3
         %h3= t('.you_are_redirected')
-        = image_tag('mno_enterprise/maestrano/logo-whitebg.png')
+        = image_tag(main_logo_white_bg_path)
 
         .spacer1
 

data/config/routes.rb

@@ -26,20 +26,27 @@ MnoEnterprise::Engine.routes.draw do
     end
   end
 
+  # Invoices
+  namespace :admin do
+    resources :invoices, only: [:show], constraints: { id: /[\w\-]+/ }
+  end
 
-  get "/impersonate/user/:user_id", to: "impersonate#create", as: :impersonate_user
-  get "/impersonate/revert", to: "impersonate#destroy", as: :revert_impersonate_user
-
+  unless Settings.try(:admin_panel).try(:impersonation).try(:disabled)
+    get "/impersonate/user/:user_id", to: "impersonate#create", as: :impersonate_user
+    get "/impersonate/revert", to: "impersonate#destroy", as: :revert_impersonate_user
+  end
 
   #============================================================
   # Devise/User Configuration
   #============================================================
   # Main devise configuration
+  skipped_devise_modules = [:omniauth_callbacks]
+  skipped_devise_modules << :registrations if Settings.try(:devise).try(:registration).try(:disabled)
   devise_for :users, {
       class_name: "MnoEnterprise::User",
       module: :devise,
       path_prefix: 'auth',
-      skip: :omniauth_callbacks,
+      skip: skipped_devise_modules,
       controllers: {
           confirmations: "mno_enterprise/auth/confirmations",
           omniauth_callbacks: "mno_enterprise/auth/omniauth_callbacks",
@@ -84,6 +91,8 @@ MnoEnterprise::Engine.routes.draw do
         get :sync
       end
     end
+    # Maestrano-hub events
+    resources :events, only: [:create] 
   end
 
   #============================================================
@@ -95,7 +104,7 @@ MnoEnterprise::Engine.routes.draw do
         member do
           %i(app_reviews app_feedbacks app_comments app_questions app_answers).each do |name|
             resources name, except: [:new, :edit], param: :review_id
-          end  
+          end
         end
       end
       resource :current_user, only: [:show, :update] do
@@ -125,6 +134,8 @@ MnoEnterprise::Engine.routes.draw do
         end
 
         resources :app_instances_sync, only: [:create, :index]
+
+        resources :audit_events, only: [:index]
       end
 
       resources :deletion_requests, only: [:show, :create, :destroy] do

data/lib/mno_enterprise/audit_events_listener.rb

@@ -8,21 +8,26 @@ module MnoEnterprise
     basic_auth MnoEnterprise.tenant_id, MnoEnterprise.tenant_key
 
     def info(key, current_user_id, description, subject_type, subject_id, metadata)
-      self.class.post('', body: {
+      organization_id = if (subject_type == 'MnoEnterprise::Organization') then
+                          subject_id
+                        elsif metadata.is_a?(Hash)
+                          metadata[:organization_id].presence
+                        end
+      body = {
         data: {
           key: key,
           user_id: current_user_id,
           description: description,
           metadata: metadata,
           subject_type: subject_type,
-          subject_id: subject_id
-        }})
+          subject_id: subject_id,
+        }
+      }
+      body[:data][:organization_id] = organization_id if organization_id
+      self.class.post('', body: body)
     rescue Net::ReadTimeout
       # Meant to fail
     end
-
   end
-
-
 end