mno-enterprise-api 3.3.2 → 3.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 846a1b37e09b4377d95942c2a767e6940b6accf9
-  data.tar.gz: 523280be7a240646691ccacb1b9da059154ac75c
+  metadata.gz: '099fadd5ea1001d81625619146fae278ac0e4dc5'
+  data.tar.gz: 6ae4bbbc3816b0586207eaa69ef00553d15757e4
 SHA512:
-  metadata.gz: 6f52fd948f00c51ea0d3b450864ee3ca443fc3f57f82c45b93994b5be7a1ee9e91fdfc0e91c93aa589225f156a26bb28b3037707f10a279a4a8db79b273cabd7
-  data.tar.gz: 57243387693928174a98c694054fbfdbd4e788101656800674a4297b4556c3a9cfd4ede660bd0d5323c65b0b0968cefb95d68f5ec338392dea89cde4b4f1c8e0
+  metadata.gz: c1e148479e13a8cf64bde6d1b616a7cb603f5a033f938f410bce5dcfa69d2e2ea58881437ee395568ccaede17d8cc1e56a8c03485e8808acad167e3bc63f766e
+  data.tar.gz: 6f10048ccefcb4eff756ee4cc67925e0114c31c896c7729220e31238c32f6eecce8d9e1c61ddb61cdba80ce1e2441a4616af6d072336e4ed0aec5b5a7423efdb

data/app/assets/javascripts/mno_enterprise/config.js.coffee.erb

@@ -24,4 +24,6 @@ angular.module('mnoEnterprise.configuration', [])
   .constant('INTERCOM_ID', <%= MnoEnterprise.intercom_app_id.to_json %>)
   .constant('APP_NAME', <%= MnoEnterprise.app_name.to_json %>)
   .constant('URL_CONFIG', <%= Hash(Settings.url_config).to_json %>)
-  .constant('DEVISE_CONFIG', <%= Hash(Settings.devise).to_json %>)
+  .constant('DEVISE_CONFIG', <%=
+      Hash(Settings.devise).merge(min_password_length: Devise.password_length.min, timeout_in: Devise.timeout_in).to_json
+    %>)

data/app/assets/javascripts/mno_enterprise/error_page.js

@@ -0,0 +1,60 @@
+var mnoHub = {};
+
+mnoHub.check = function() {
+  var xhr = new XMLHttpRequest();
+  mnoHub.notify("Checking...");
+
+  xhr.onreadystatechange = function() {
+    if (xhr.readyState == XMLHttpRequest.DONE ) {
+      console.log (xhr.status);
+      if(xhr.status < 500) {
+        mnoHub.notify("Application is now running! Redirecting...")
+        mnoHub.stopAutoCheck();
+        return window.setTimeout(function() {
+          return mnoHub.redirect();
+        }, 4 * 1000);
+      }
+      window.setTimeout(function() {
+        mnoHub.notify('');
+      }, 1 * 1000);
+    }
+  }
+
+  xhr.ontimeout = function () {
+    mnoHub.notify('');
+  }
+
+  xhr.timeout = 15000; //15 seconds
+  xhr.open("GET", "/mnoe/health_check/full.json", true);
+  xhr.send();
+};
+
+mnoHub.redirect = function() {
+  return window.location.href = "/";
+};
+
+mnoHub.startAutoCheck = function() {
+  // For 500 error, we should not keep auto refreshing the page till bug
+  //  is resolved manually by our team.
+  var page_error_code = document.getElementById('status_code').value;
+  if(parseInt(page_error_code) == 500) {
+    return;
+  }
+
+  return mnoHub.timerId = window.setInterval(function() {
+    return mnoHub.check();
+  }, 10 * 1000);
+};
+
+mnoHub.stopAutoCheck = function() {
+  if (mnoHub.timerId != null) {
+    return window.clearInterval(mnoHub.timerId);
+  }
+};
+
+mnoHub.notify = function(msg) {
+  var elem = document.getElementById('error-loader');
+  elem.innerHTML = msg;
+}
+
+mnoHub.startAutoCheck();

data/app/controllers/devise/password_expired_controller.rb

@@ -4,13 +4,9 @@ class Devise::PasswordExpiredController < DeviseController
   prepend_before_filter :authenticate_scope!, :only => [:show, :update]
 
   def show
-    if defined?(MnoEnterprise::Frontend)
-      respond_with(resource)
-    else
-      respond_with resource do |format|
-        format.html
-        format.json {render json: {error: 'Your password is expired. Please renew your password.'}, status: :forbidden}
-      end
+    respond_with resource do |format|
+      format.html
+      format.json {render json: {error: 'Your password is expired. Please renew your password.'}, status: :forbidden}
     end
   end
 

data/app/controllers/mno_enterprise/jpi/v1/admin/invites_controller.rb

@@ -6,13 +6,9 @@ module MnoEnterprise::Jpi::V1::Admin
       user = MnoEnterprise::User.find(params[:user_id])
       return render json: {error: 'Could not find account or user'}, status: :not_found unless @organization && user
 
-      if user.confirmation_required?
-        user.resend_confirmation_instructions
-      else
-        invite = find_org_invite(@organization, user)
-        return render json: {error: 'No active invitation found'}, status: :not_found unless invite
-        send_org_invite(invite)
-      end
+      invite = find_org_invite(@organization, user)
+      return render json: {error: 'No active invitation found'}, status: :not_found unless invite
+      send_org_invite(user, invite)
 
       MnoEnterprise::EventLogger.info('user_invite', current_user.id, 'User invited', user, {user_email: user.email, account_name: @organization.name})
 
@@ -23,27 +19,21 @@ module MnoEnterprise::Jpi::V1::Admin
 
     private
 
-    # Invite for unconfirmed users are automatically accepted
     def find_org_invite(organization, user)
-      if user.confirmed?
-        status_scope = { 'status.in' => %w(staged pending) }
-      else
-        status_scope = { status: 'accepted' }
-      end
+      status_scope = { 'status.in' => %w(staged pending accepted) }
       organization.org_invites.where(status_scope.merge(user_id: user.id)).first
     end
 
     # Send the org invite and update the status
-    def send_org_invite(invite)
-      user = invite.user
+    def send_org_invite(user, invite)
       # Generate token if not generated
       user.send(:generate_confirmation_token!) if !user.confirmed? && user.confirmation_token.blank?
 
       MnoEnterprise::SystemNotificationMailer.organization_invite(invite).deliver_later
 
       # Update staged invite status
-      return unless invite.status == 'staged'
-      invite.status = 'pending'
+      invite.status = 'pending' if invite.status == 'staged'
+      invite.notification_sent_at = Time.now unless invite.notification_sent_at.present?
       invite.save
     end
   end

data/app/controllers/mno_enterprise/jpi/v1/admin/organizations_controller.rb

@@ -6,7 +6,7 @@ module MnoEnterprise
       if params[:terms]
         # Search mode
         @organizations = []
-        JSON.parse(params[:terms]).map { |t| @organizations = @organizations | MnoEnterprise::Organization.where(Hash[*t]) }
+        JSON.parse(params[:terms]).map { |t| @organizations = @organizations | MnoEnterprise::Organization.where(Hash[*t]).fetch }
         response.headers['X-Total-Count'] = @organizations.count
       else
         # Index mode
@@ -28,7 +28,7 @@ module MnoEnterprise
 
     # GET /mnoe/jpi/v1/admin/organizations/in_arrears
     def in_arrears
-      @arrears = MnoEnterprise::ArrearsSituation.all
+      @arrears = MnoEnterprise::ArrearsSituation.all.fetch
     end
 
     # GET /mnoe/jpi/v1/admin/organizations/count
@@ -80,7 +80,12 @@ module MnoEnterprise
         status: 'staged' # Will be updated to 'accepted' for unconfirmed users
       )
 
-      @user = user.confirmed? ? invite : user.reload
+      @user = if user.confirmed?
+        invite.accept!(user)
+        invite.reload
+      else
+        user.reload
+      end
     end
 
     protected

data/app/controllers/mno_enterprise/jpi/v1/admin/tenant_invoices_controller.rb

@@ -3,7 +3,7 @@ module MnoEnterprise
 
     # GET /mnoe/jpi/v1/admin/tenant_invoices
     def index
-      @tenant_invoices = MnoEnterprise::TenantInvoice.all
+      @tenant_invoices = MnoEnterprise::TenantInvoice.all.fetch
     end
 
     # GET /mnoe/jpi/v1/admin/tenant_invoices/1

data/app/controllers/mno_enterprise/jpi/v1/admin/users_controller.rb

@@ -6,7 +6,7 @@ module MnoEnterprise
       if params[:terms]
         # Search mode
         @users = []
-        JSON.parse(params[:terms]).map { |t| @users = @users | MnoEnterprise::User.where(Hash[*t]) }
+        JSON.parse(params[:terms]).map { |t| @users = @users | MnoEnterprise::User.where(Hash[*t]).fetch }
         response.headers['X-Total-Count'] = @users.count
       else
         # Index mode

data/app/controllers/mno_enterprise/jpi/v1/app_instances_sync_controller.rb

@@ -2,6 +2,8 @@ module MnoEnterprise
   class Jpi::V1::AppInstancesSyncController < Jpi::V1::BaseResourceController
     CONNECTOR_STATUS_RUNNING = ['PENDING', 'RUNNING']
 
+    prepend_before_action :skip_devise_trackable, only: :index
+
     # GET /mnoe/jpi/v1/organization/org-fbba/app_instances_sync
     def index
       authorize! :check_apps_sync, @parent_organization

data/app/controllers/mno_enterprise/status_controller.rb

@@ -1,6 +1,10 @@
 # Health Check endpoint
 module MnoEnterprise
   class StatusController < ApplicationController
+    # Skip filters than rely on MnoHub (RemoteAuthenticatable)
+    skip_before_filter :handle_password_change
+    skip_before_filter :perform_return_to
+
     # Simple check to see that the app is up
     # Returns:
     #   {status: 'Ok'}

data/app/views/devise/password_expired/show.html.haml

@@ -3,30 +3,32 @@
     .row
       .login-box-wrapper
         .login-box-title
-          %h2 You password has expired. Please renew it.
+          %h2 Password Expired
         .login-box
           .brand-logo
 
-            = form_for(resource, as: resource_name, url: mno_enterprise.user_password_expired_path, :html => { method: :put, class: 'form-horizontal' }) do |f|
-              = devise_error_messages!
+          = form_for(resource, as: resource_name, url: mno_enterprise.user_password_expired_path, :html => { method: :put, class: 'form-horizontal' }) do |f|
+            = devise_error_messages!
 
-              .row
-                .col-sm-6
-                  = f.label :current_password, "Current password"
-                  = f.password_field :current_password, :class => 'form-control'
+            .row
+              .col-sm-12
+                = f.password_field :current_password, placeholder: "*Current password", required: true, :class => 'form-control'
 
-              .row
-                .col-sm-6
-                  = f.label :password, "New password"
-                  = f.password_field :password, :class => 'form-control'
+            %br
 
-                .col-sm-6
-                  = f.label :password_confirmation, "Confirm new password"
-                  = f.password_field :password_confirmation, :class => 'form-control'
+            .row
+              .col-sm-12
+                = f.password_field :password, placeholder: "*New password", required: true, autocomplete: "off", :class => 'form-control'
 
-              %br
+            %br
 
-              .row
-                .col-sm-12
-                  .text-center
-                    = f.submit "Change my password", class: "btn btn-warning"
+            .row
+              .col-sm-12
+                = f.password_field :password_confirmation, placeholder: "*Confirm new password", required: true, autocomplete: "off", :class => 'form-control'
+
+            %br
+
+            .row
+              .col-sm-12
+                .text-center
+                  = f.submit "Change my password", class: "btn btn-warning"

data/app/views/mno_enterprise/application/error_page.html.haml

@@ -0,0 +1,20 @@
+.error-page
+  .container
+    .error-code
+      = @status
+    .error-title
+      = t("mno_enterprise.errors.#{@status}.title")
+    %hr
+    .error-context
+      %p
+        = t("mno_enterprise.errors.#{@status}.description", support_email: MnoEnterprise.support_email)
+    .error-button
+      %button
+        = link_to(mno_enterprise.root_path) do
+          %i{class: "fa fa-home"}
+          = t("mno_enterprise.errors.redirection")
+    #error-loader
+
+= hidden_field_tag :status_code, @status
+
+= javascript_include_tag "mno_enterprise/error_page"

data/app/views/mno_enterprise/auth/confirmations/_form.html.haml

@@ -30,7 +30,7 @@
 
       - else
         .input-group
-          = f.password_field :password, :placeholder => "*Choose Password", 'ng-model' => 'user.password', class: 'form-control', 'ng-minlength' => 6, 'mno-password-strength' => true, "password-score" => 'user.$pwdScore', :required => true
+          = f.password_field :password, :placeholder => '*Choose Password', :class => 'form-control', :required => true, 'ng-model' => 'user.password', 'ng-minlength' => Devise.password_length.min, 'mno-password-strength' => true, 'password-score' => 'user.$pwdScore'
           %span.input-group-addon.classic.pw-strength-indicator{'ng-class' => 'user.$pwdScore.class' }
             {{ user.$pwdScore.value }}
 

data/app/views/mno_enterprise/auth/sessions/new.html.haml

@@ -1,6 +1,9 @@
 .registration
   .container
     .row
+      - if params[:session_timeout].present?
+        .alert.alert-warning.text-center
+          = t('mno_enterprise.auth.sessions.new.timeout')
       .login-box-wrapper
         .login-box-title
           %h2= t('mno_enterprise.auth.sessions.new.title')

data/app/views/mno_enterprise/jpi/v1/admin/base_resource/_member.json.jbuilder

@@ -3,27 +3,34 @@ if member.is_a?(MnoEnterprise::User)
   json.entity 'User'
   json.role member.role(organization) if organization
   json.admin_role member.admin_role
+  invite = MnoEnterprise::OrgInvite.find_by(user_id: member.id, organization_id: organization.id)
 
   status = case
-           when member.confirmed? then 'active'
+           when member.confirmed?
+            invite.blank? || invite.notification_sent_at.present? ? 'active' : 'notify'
            when member.confirmation_sent_at.nil? then 'pending'
-           when member.confirmation_sent_at.present? then 'invited'
+           when !member.confirmed? then 'invited'
            end
 
   user = member
-
 elsif member.is_a?(MnoEnterprise::OrgInvite)
   json.entity 'OrgInvite'
   json.role member.user_role
+  user = member.user
+  invite = member
 
   status = case member.status
            when 'staged' then 'pending'
-           when 'pending' then 'invited'
-           when 'accepted' then 'active'
+           when 'pending'
+            'invited'
+           when 'accepted'
+            invite.notification_sent_at.present? ? 'active' : 'notify'
            end
 
-  user = member.user
 end
 
+allow_impersonation = invite.present? ? invite.status == 'accepted' : true
+
 json.extract! user, :id, :created_at, :email, :name, :surname
 json.status status
+json.allow_impersonation allow_impersonation

data/app/views/mno_enterprise/jpi/v1/admin/organizations/index.json.jbuilder

@@ -1,7 +1,6 @@
 json.organizations do
   json.array! @organizations do |organization|
     json.partial! 'organization', organization: organization
-    json.partial! 'credit_card', credit_card: organization.credit_card
   end
 end
 json.metadata @organizations.metadata if @organizations.respond_to?(:metadata)

data/app/views/mno_enterprise/jpi/v1/current_users/show.json.jbuilder

@@ -1,4 +1,4 @@
-json.cache! ['v1', @user.cache_key] do
+json.cache! ['v1', @user.cache_key, session[:impersonator_user_id]] do
   json.current_user do
     json.id @user.id
     json.name @user.name
@@ -16,6 +16,7 @@ json.cache! ['v1', @user.cache_key] do
     json.sso_session @user.sso_session
     json.admin_role @user.admin_role
     json.avatar_url avatar_url(@user)
+    json.tos_accepted_at @user.meta_data[:tos_accepted_at] || false
     if current_impersonator
       json.current_impersonator true
       json.current_impersonator_role current_impersonator.admin_role

data/config/initializers/devise.rb

@@ -163,7 +163,7 @@ Devise.setup do |config|
   # Defines which strategy will be used to lock an account.
   # :failed_attempts = Locks an account after a number of failed attempts to sign in.
   # :none            = No lock strategy. You should handle locking by yourself.
-  # config.lock_strategy = :failed_attempts
+  config.lock_strategy = :failed_attempts
 
   # Defines which key will be used when locking and unlocking an account
   # config.unlock_keys = [ :email ]
@@ -173,17 +173,17 @@ Devise.setup do |config|
   # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
   # :both  = Enables both strategies
   # :none  = No unlock strategy. You should handle unlocking by yourself.
-  # config.unlock_strategy = :both
+  config.unlock_strategy = :both
 
   # Number of authentication tries before locking an account if lock_strategy
   # is failed attempts.
-  # config.maximum_attempts = 20
+  config.maximum_attempts = 5
 
   # Time interval to unlock the account if :time is enabled as unlock_strategy.
-  # config.unlock_in = 1.hour
+  config.unlock_in = 1.hour
 
   # Warn on the last attempt before the account is locked.
-  # config.last_attempt_warning = true
+  config.last_attempt_warning = true
 
   # ==> Configuration for :recoverable
   #
@@ -254,7 +254,8 @@ Devise.setup do |config|
   end
   if ENV['OAUTH_FACEBOOK_KEY'] && ENV['OAUTH_FACEBOOK_SECRET']
     require 'omniauth-facebook'
-    config.omniauth :facebook, ENV['OAUTH_FACEBOOK_KEY'], ENV['OAUTH_FACEBOOK_SECRET'], secure_image_url: true
+    config.omniauth :facebook, ENV['OAUTH_FACEBOOK_KEY'], ENV['OAUTH_FACEBOOK_SECRET'],
+                    secure_image_url: true, info_fields: 'name,email,first_name,last_name'
   end
 
   # ==> Warden configuration

data/config/initializers/devise_patch.rb

@@ -0,0 +1,39 @@
+require "action_controller/metal"
+
+module Devise
+  # Failure application that will be called every time :warden is thrown from
+  # any strategy or hook. Responsible for redirect the user to the sign in
+  # page based on current scope and mapping. If no scope is given, redirect
+  # to the default_url.
+  class FailureApp < ActionController::Metal
+
+    protected
+
+    # Monkey patching to unset opts[:script_name]
+    # See https://github.com/plataformatec/devise/issues/4127
+    def scope_url
+      opts  = {}
+      route = route(scope)
+      opts[:format] = request_format unless skip_format?
+
+      config = Rails.application.config
+
+      # Monkey Patch
+      if config.respond_to?(:relative_url_root) && config.relative_url_root.present?
+        opts[:script_name] = config.relative_url_root
+      end
+      # EO Monkey Patch
+
+      router_name = Devise.mappings[scope].router_name || Devise.available_router_name
+      context = send(router_name)
+
+      if context.respond_to?(route)
+        context.send(route, opts)
+      elsif respond_to?(:root_url)
+        root_url(opts)
+      else
+        "/"
+      end
+    end
+  end
+end

data/config/initializers/health_check.rb

@@ -31,3 +31,11 @@ HealthCheck.setup do |config|
     MnoEnterprise::HealthCheck.perform_mno_hub_check
   end
 end
+
+# Monkey patch HealthCheckController to skip filters than rely on MnoHub (RemoteAuthenticatable)
+module HealthCheck
+  class HealthCheckController
+    skip_before_filter :handle_password_change
+    skip_before_filter :perform_return_to
+  end
+end

data/config/routes.rb

@@ -10,7 +10,10 @@ MnoEnterprise::Engine.routes.draw do
   # Health Status
   get '/ping', to: 'status#ping'
   get '/version', to: 'status#version'
-  get 'health_check(/:checks)(.:format)', to: '/health_check/health_check#index'
+  get '/health_check(/:checks)(.:format)', to: '/health_check/health_check#index'
+
+  # Error Handling
+  get '/errors/:error_code', to: 'pages#error'
 
   # App Provisioning
   resources :provision, only: [:new, :create]
@@ -110,6 +113,7 @@ MnoEnterprise::Engine.routes.draw do
       resource :current_user, only: [:show, :update] do
         put :update_password
         put :register_developer
+        put :update_tos
         #post :deletion_request, action: :create_deletion_request
         #delete :deletion_request, action: :cancel_deletion_request
       end

data/lib/mno_enterprise/api/engine.rb

@@ -7,7 +7,7 @@ module MnoEnterprise
 
       # Add assets
       if config.respond_to? (:assets)
-        config.assets.precompile += %w( mno_enterprise/config.js )
+        config.assets.precompile += %w( mno_enterprise/config.js mno_enterprise/error_page.js )
 
         # Allow sprockets to find file in the config/ path
         config.before_configuration do

data/lib/mno_enterprise/concerns/controllers/jpi/v1/current_users_controller.rb

@@ -7,7 +7,7 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::CurrentUsersController
   # 'included do' causes the included code to be evaluated in the
   # context where it is included rather than being executed in the module's context
   included do
-    before_filter :authenticate_user!, only: [:update, :update_password]
+    before_filter :authenticate_user!, only: [:update, :update_password, :update_tos]
     before_filter :user_management_enabled?, only: [:update, :update_password]
     respond_to :json
   end
@@ -58,6 +58,17 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::CurrentUsersController
     end
   end
 
+  def update_tos
+    @user = current_user
+
+    if @user.update({ meta_data: { tos_accepted_at: Time.now } })
+      MnoEnterprise::EventLogger.info('user_update_tos_accepted_at', current_user.id, 'User accepted TOS', @user)
+      render :show
+    else
+      render json: @user.errors, status: :bad_request
+    end
+  end
+
   private
     def user_params
       params.require(:user).permit(:name, :surname, :email, :company, :settings, :phone, :website, :phone_country_code, :current_password, :password, :password_confirmation)

data/lib/mno_enterprise/concerns/controllers/jpi/v1/organizations_controller.rb

@@ -116,7 +116,8 @@ module MnoEnterprise::Concerns::Controllers::Jpi::V1::OrganizationsController
         user_email: invite['email'],
         user_role: invite['role'],
         team_id: invite['team_id'],
-        referrer_id: current_user.id
+        referrer_id: current_user.id,
+        notification_sent_at: Time.now
       )
 
       MnoEnterprise::SystemNotificationMailer.organization_invite(@org_invite).deliver_now

data/lib/mno_enterprise/concerns/controllers/pages_controller.rb

@@ -74,6 +74,11 @@ module MnoEnterprise::Concerns::Controllers::PagesController
     end
   end
 
+  # Error page
+  def error
+    handle_mnohub_error(params[:error_code])
+  end
+
   private
     def app_instance_hash(app_instance)
       return {} unless app_instance

data/lib/mno_enterprise/concerns/mailers/system_notification_mailer.rb

@@ -123,7 +123,7 @@ module MnoEnterprise::Concerns::Mailers::SystemNotificationMailer
   def organization_invite(org_invite)
     new_user = !org_invite.user.confirmed?
     confirmation_link = new_user ? user_confirmation_url(confirmation_token: org_invite.user.confirmation_token) : org_invite_url(org_invite, token: org_invite.token)
-    email_template = new_user ? 'organization-invite-new-user' : 'organization-invite-existing-user'
+    email_template = new_user ? 'organization-invite-new-user' : existing_user_template(org_invite)
 
     MnoEnterprise::MailClient.deliver(email_template,
       default_sender,
@@ -194,4 +194,8 @@ module MnoEnterprise::Concerns::Mailers::SystemNotificationMailer
       invitee_email: org_invite.user.email,
     }
   end
+
+  def existing_user_template(invite)
+    invite.status == 'accepted' ? 'organization-invite-notification' : 'organization-invite-existing-user'
+  end
 end

data/spec/controllers/mno_enterprise/jpi/v1/admin/invites_controller_spec.rb

@@ -27,7 +27,7 @@ module MnoEnterprise
     # API stubs
     before do
       api_stub_for(get: "/organizations/#{organization.id}", response: from_api(organization))
-      api_stub_for(get: "/organizations/#{organization.id}/org_invites?filter[status.in][]=pending&filter[status.in][]=staged&filter[user_id]=#{invitee.id}", response: from_api([invite]))
+      api_stub_for(get: "/organizations/#{organization.id}/org_invites?filter[status.in][]=pending&filter[status.in][]=staged&filter[status.in][]=accepted&filter[user_id]=#{invitee.id}", response: from_api([invite]))
 
       allow(MnoEnterprise::User).to receive(:find) do |user_id|
         case user_id.to_i
@@ -57,9 +57,10 @@ module MnoEnterprise
       context 'new user'  do
         before { invitee.confirmed_at = nil }
 
-        it 'sends the confirmation instructions' do
-          expect(invitee).to receive(:resend_confirmation_instructions)
+        it 'sends organization invite to new user' do
+          expect(SystemNotificationMailer).to receive(:organization_invite).with(invite).and_return(message_delivery)
           subject
+          expect(response).to be_success
         end
       end
     end

data/spec/controllers/mno_enterprise/jpi/v1/admin/organizations_controller_spec.rb

@@ -54,9 +54,12 @@ module MnoEnterprise
       api_stub_for(get: "/organizations/#{organization.id}/users", response: from_api([user]))
       api_stub_for(get: "/organizations/#{organization.id}/org_invites", response: from_api([org_invite]))
       api_stub_for(get: "/organizations/#{organization.id}/app_instances", response: from_api([app_instance]))
+      api_stub_for(get: "/org_invites?filter[organization_id]=#{organization.id}&filter[user_id]=#{user.id}&limit=1", response: from_api([org_invite]))
       api_stub_for(get: "/organizations/#{organization.id}/credit_card", response: from_api([credit_card]))
       api_stub_for(get: "/arrears_situations", response: from_api([arrears]))
+      api_stub_for(get: "/org_invites/#{org_invite.id}", response: from_api(org_invite))
       api_stub_for(post: "/organizations", response: from_api([organization]))
+      api_stub_for(put: "/org_invites/#{org_invite.id}", response: from_api([org_invite]))
     end
 
     let(:expected_hash_for_organizations) {
@@ -67,7 +70,6 @@ module MnoEnterprise
           'name' => organization.name,
           'soa_enabled' => organization.soa_enabled,
           'created_at' => organization.created_at,
-          'credit_card' => {'presence' => organization.credit_card?},
           'account_frozen' => organization.account_frozen
         }],
         'metadata' => {'pagination' => {'count' => 1}}

data/spec/controllers/mno_enterprise/jpi/v1/current_users_controller_spec.rb

@@ -33,7 +33,8 @@ module MnoEnterprise
           'website' => res.website,
           'sso_session' => res.sso_session,
           'admin_role' => res.admin_role,
-          'avatar_url' => avatar_url(res)
+          'avatar_url' => avatar_url(res),
+          'tos_accepted_at' => res.meta_data[:tos_accepted_at] || false
       }
 
       if res.id
@@ -83,6 +84,7 @@ module MnoEnterprise
       subject { get :show }
 
       describe 'guest' do
+        before { expect_any_instance_of(MnoEnterprise::User).to receive(:meta_data).and_return({}) }
         it 'is successful' do
           subject
           expect(response).to be_success
@@ -140,6 +142,23 @@ module MnoEnterprise
       end
     end
 
+    describe 'PUT #update_tos' do
+      before { api_stub_for(put: "/users/#{user.id}", response: from_api(user)) }
+      subject { put :update_tos }
+
+      describe 'guest' do
+        before { subject }
+        it { expect(response).to_not be_success }
+      end
+
+      describe 'logged in' do
+        before { sign_in user }
+        before { subject }
+        it { expect(response).to be_success }
+        it { expect(controller.current_user).to eq(user) }
+      end
+    end
+
     describe 'PUT #update_password' do
       let(:attrs) { {current_password: 'password', password: 'blablabla', password_confirmation: 'blablabla'} }
       before { api_stub_for(put: "/users/#{user.id}", response: from_api(user)) }

data/spec/controllers/mno_enterprise/jpi/v1/organizations_controller_spec.rb

@@ -291,6 +291,9 @@ module MnoEnterprise
         let(:relation) { instance_double('Her::Model::Relation') }
         before do
           allow(relation).to receive(:active).and_return(relation)
+
+          @fake_time = Time.now
+          Time.stub(:now) { @fake_time }
         end
 
         it 'creates an invitation' do
@@ -302,7 +305,8 @@ module MnoEnterprise
             user_email: 'newmember@maestrano.com',
             user_role: 'Power User',
             team_id: team.id.to_s,
-            referrer_id: user.id
+            referrer_id: user.id,
+            notification_sent_at: Time.now
           ).and_return(org_invite)
           subject
         end

data/spec/controllers/mno_enterprise/pages_controller_spec.rb

@@ -76,10 +76,26 @@ module MnoEnterprise
       before { subject }
 
       it { expect(response).to be_success }
-      
+
       it 'returns the apps in the correct alphabetical order' do
         expect(assigns(:apps)).to eq([app2, app1, app3])
       end
     end
+
+    describe 'GET #error' do
+      subject { get :error, error_code: error_code, format: :json }
+
+      context '503 error' do
+        let(:error_code) { 503 }
+        it { is_expected.to have_http_status(:service_unavailable) }
+        it { expect(subject.body).to eq({error: 'API hub unavailable'}.to_json) }
+      end
+
+      context '429 error' do
+        let(:error_code) { 429 }
+        it { is_expected.to have_http_status(:too_many_requests) }
+        it { expect(subject.body).to eq({error: 'API hub unavailable'}.to_json) }
+      end
+    end
   end
 end

data/spec/controllers/mno_enterprise/status_controller_spec.rb

@@ -18,7 +18,6 @@ module MnoEnterprise
       it { is_expected.to respond_with(200) }
 
       it 'returns the main app version' do
-        puts MnoEnterprise::APP_VERSION
         expect(data['app-version']).to eq(MnoEnterprise::APP_VERSION)
       end
 

data/spec/mailer/mno_enterprise/system_notification_mailer_spec.rb

@@ -125,14 +125,29 @@ module MnoEnterprise
       let(:org_invite) { build(:org_invite, user: invitee, referrer: user) }
 
       context 'when invitee is a confirmed user' do
-        it 'sends the right email' do
-          expect(MnoEnterprise::MailClient).to receive(:deliver).with('organization-invite-existing-user',
-            SystemNotificationMailer::DEFAULT_SENDER,
-            { name: "#{invitee.name} #{invitee.surname}".strip, email: invitee.email },
-            invite_vars(org_invite).merge(confirmation_link: routes.org_invite_url(id: org_invite.id, token: org_invite.token))
-          )
-
-          subject.organization_invite(org_invite).deliver_now
+        context 'when invite is from Admin Panel' do
+          before { org_invite.status = 'accepted' }
+
+          it 'sends the right email' do
+            expect(MnoEnterprise::MailClient).to receive(:deliver).with('organization-invite-notification',
+              SystemNotificationMailer::DEFAULT_SENDER,
+              { name: "#{invitee.name} #{invitee.surname}".strip, email: invitee.email },
+              invite_vars(org_invite).merge(confirmation_link: routes.org_invite_url(id: org_invite.id, token: org_invite.token))
+            )
+
+            subject.organization_invite(org_invite).deliver_now
+          end
+        end
+        context 'when invite is from Customer View' do
+          it 'sends the right email' do
+            expect(MnoEnterprise::MailClient).to receive(:deliver).with('organization-invite-existing-user',
+              SystemNotificationMailer::DEFAULT_SENDER,
+              { name: "#{invitee.name} #{invitee.surname}".strip, email: invitee.email },
+              invite_vars(org_invite).merge(confirmation_link: routes.org_invite_url(id: org_invite.id, token: org_invite.token))
+            )
+
+            subject.organization_invite(org_invite).deliver_now
+          end
         end
       end
 

data/spec/requests/devise/authentication_spec.rb

@@ -3,7 +3,7 @@ require 'rails_helper'
 module MnoEnterprise
   RSpec.describe "Remote Authentication", type: :request do
 
-    let(:user) { build(:user) }
+    let(:user) { build(:user, password_valid: true) }
     before { api_stub_for(get: "/users/#{user.id}", response: from_api(user)) }
     before { api_stub_for(put: "/users/#{user.id}", response: from_api(user)) }
 

data/spec/requests/mno_enterprise/healthcheck_spec.rb

@@ -0,0 +1,58 @@
+require 'rails_helper'
+
+module MnoEnterprise
+  # Test the Status controller is still working when MnoHub is down
+  # The behavior is tested in the ControllerSpec
+  RSpec.describe "Health Check", type: :request do
+    include MnoEnterprise::TestingSupport::RequestSpecHelper
+
+    describe 'simple' do
+      subject { get '/mnoe/health_check.json' }
+      let(:data) { JSON.parse(response.body) }
+
+      context 'with a signed in user' do
+        include_context 'signed in user'
+
+        context 'when MnoHub is up' do
+          before { subject }
+
+          it { expect(response).to have_http_status(:ok), response.body }
+          it { expect(data['healthy']).to be true }
+        end
+
+        context 'when MnoHub is down' do
+          before { clear_api_stubs }
+          before { subject }
+
+          it { expect(response).to have_http_status(:ok), response.body }
+          it { expect(data['healthy']).to be true }
+        end
+      end
+    end
+
+    describe 'full' do
+      subject { get '/mnoe/health_check/full.json' }
+      let(:data) { JSON.parse(response.body) }
+
+      context 'with a signed in user' do
+        include_context 'signed in user'
+
+        context 'when MnoHub is up' do
+          before { api_stub_for(get: '/apps?limit=1&sort[]=id.asc', response: from_api([FactoryGirl.build(:app)])) }
+          before { subject }
+
+          it { expect(response).to have_http_status(:ok), response.body }
+          it { expect(data['healthy']).to be true }
+        end
+
+        context 'when MnoHub is down' do
+          before { clear_api_stubs }
+          before { subject }
+
+          it { expect(response).to have_http_status(:internal_server_error), response.body }
+          it { expect(data['healthy']).to be false }
+        end
+      end
+    end
+  end
+end

data/spec/requests/mno_enterprise/status_spec.rb

@@ -0,0 +1,62 @@
+require 'rails_helper'
+
+module MnoEnterprise
+  # Test the Status controller is still working when MnoHub is down
+  # The behavior is tested in the ControllerSpec
+  RSpec.describe "Status", type: :request do
+    include MnoEnterprise::TestingSupport::RequestSpecHelper
+
+    describe 'version' do
+      subject { get '/mnoe/version' }
+      let(:data) { JSON.parse(response.body) }
+
+      context 'with a signed in user' do
+        include_context 'signed in user'
+
+        context 'when MnoHub is up' do
+          before { subject }
+
+          it { expect(response).to have_http_status(:ok) }
+        end
+
+        context 'when MnoHub is down' do
+          before { clear_api_stubs }
+          before { subject }
+
+          it { expect(response).to have_http_status(:ok) }
+        end
+      end
+
+      context 'without a signed in user' do
+        before { subject }
+        it { expect(response).to have_http_status(:ok) }
+      end
+    end
+
+    describe 'ping' do
+      subject { get '/mnoe/ping' }
+
+      context 'with a signed in user' do
+        include_context 'signed in user'
+
+        context 'when MnoHub is up' do
+          before { subject }
+
+          it { expect(response).to have_http_status(:ok) }
+        end
+
+        context 'when MnoHub is down' do
+          before { clear_api_stubs }
+          before { subject }
+
+          it { expect(response).to have_http_status(:ok) }
+        end
+      end
+
+      context 'without a signed in user' do
+        before { subject }
+        it { expect(response).to have_http_status(:ok) }
+      end
+    end
+  end
+end

data/spec/routing/mno_enterprise/pages_controller_routing_spec.rb

@@ -29,5 +29,9 @@ module MnoEnterprise
     it 'routes to #terms' do
       expect(get("/terms")).to route_to("mno_enterprise/pages#terms")
     end
+
+    it 'routes to #error' do
+      expect(get("/errors/503")).to route_to("mno_enterprise/pages#error", error_code: '503')
+    end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mno-enterprise-api
 version: !ruby/object:Gem::Version
-  version: 3.3.2
+  version: 3.3.3
 platform: ruby
 authors:
 - Arnaud Lachaume
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-09 00:00:00.000000000 Z
+date: 2018-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mno-enterprise-core
@@ -17,14 +17,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.3.2
+        version: 3.3.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.3.2
+        version: 3.3.3
 - !ruby/object:Gem::Dependency
   name: jbuilder
   requirement: !ruby/object:Gem::Requirement
@@ -171,28 +171,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.2.6
+        version: 0.5.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.2.6
+        version: 0.5.3
 - !ruby/object:Gem::Dependency
   name: omniauth-facebook
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: 4.0.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: 4.0.0
 description: Maestrano Enterprise - essentials API
 email:
 - developers@maestrano.com
@@ -205,6 +205,7 @@ files:
 - app/assets/javascripts/mno_enterprise/angular/loading-page.app.js.coffee
 - app/assets/javascripts/mno_enterprise/application.js
 - app/assets/javascripts/mno_enterprise/config.js.coffee.erb
+- app/assets/javascripts/mno_enterprise/error_page.js
 - app/controllers/devise/password_expired_controller.rb
 - app/controllers/mno_enterprise/admin/invoices_controller.rb
 - app/controllers/mno_enterprise/auth/confirmations_controller.rb
@@ -262,6 +263,7 @@ files:
 - app/mailers/mno_enterprise/system_notification_mailer.rb
 - app/models/mno_enterprise/health_check.rb
 - app/views/devise/password_expired/show.html.haml
+- app/views/mno_enterprise/application/error_page.html.haml
 - app/views/mno_enterprise/auth/confirmations/_form.html.haml
 - app/views/mno_enterprise/auth/confirmations/lounge.html.haml
 - app/views/mno_enterprise/auth/confirmations/new.html.haml
@@ -395,6 +397,7 @@ files:
 - config/initializers/devise.rb
 - config/initializers/devise_extension.rb
 - config/initializers/devise_log.rb
+- config/initializers/devise_patch.rb
 - config/initializers/health_check.rb
 - config/initializers/main_app_version.rb
 - config/initializers/sprockets.rb
@@ -476,6 +479,8 @@ files:
 - spec/rails_helper.rb
 - spec/requests/devise/authentication_spec.rb
 - spec/requests/devise/registration_spec.rb
+- spec/requests/mno_enterprise/healthcheck_spec.rb
+- spec/requests/mno_enterprise/status_spec.rb
 - spec/routing/devise/confirmation_routing_spec.rb
 - spec/routing/devise/passwords_routing_spec.rb
 - spec/routing/devise/registrations_routing_spec.rb
@@ -538,7 +543,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 2.6.14
 signing_key: 
 specification_version: 4
 summary: Maestrano Enterprise - API
@@ -585,6 +590,8 @@ test_files:
 - spec/routing/devise/sessions_routing_spec.rb
 - spec/routing/devise/passwords_routing_spec.rb
 - spec/spec_helper.rb
+- spec/requests/mno_enterprise/status_spec.rb
+- spec/requests/mno_enterprise/healthcheck_spec.rb
 - spec/requests/devise/authentication_spec.rb
 - spec/requests/devise/registration_spec.rb
 - spec/mailer/mno_enterprise/system_notification_mailer_spec.rb