mno-enterprise-core 2.0.0
- checksums.yaml +7 -0
- data/LICENSE +1 -0
- data/Rakefile +12 -0
- data/app/assets/images/mno_enterprise/main-logo.png +0 -0
- data/app/controllers/mno_enterprise/application_controller.rb +116 -0
- data/app/helpers/mno_enterprise/application_helper.rb +67 -0
- data/app/helpers/mno_enterprise/impersonate_helper.rb +27 -0
- data/app/models/mno_enterprise/ability.rb +6 -0
- data/app/models/mno_enterprise/app.rb +72 -0
- data/app/models/mno_enterprise/app_instance.rb +36 -0
- data/app/models/mno_enterprise/app_instances_sync.rb +6 -0
- data/app/models/mno_enterprise/arrears_situation.rb +6 -0
- data/app/models/mno_enterprise/audit_event.rb +21 -0
- data/app/models/mno_enterprise/base_resource.rb +228 -0
- data/app/models/mno_enterprise/credit_card.rb +40 -0
- data/app/models/mno_enterprise/deletion_request.rb +35 -0
- data/app/models/mno_enterprise/impac/dashboard.rb +36 -0
- data/app/models/mno_enterprise/impac/dashboard_provisioner.rb +5 -0
- data/app/models/mno_enterprise/impac/kpi.rb +9 -0
- data/app/models/mno_enterprise/impac/widget.rb +13 -0
- data/app/models/mno_enterprise/invoice.rb +53 -0
- data/app/models/mno_enterprise/org_invite.rb +50 -0
- data/app/models/mno_enterprise/organization.rb +33 -0
- data/app/models/mno_enterprise/team.rb +50 -0
- data/app/models/mno_enterprise/tenant.rb +5 -0
- data/app/models/mno_enterprise/tenant_invoice.rb +5 -0
- data/app/models/mno_enterprise/user.rb +183 -0
- data/app/pdf/mno_enterprise/invoice_pdf.rb +516 -0
- data/config/initializers/audit_log.rb +5 -0
- data/config/locales/devise.en.yml +60 -0
- data/config/routes.rb +2 -0
- data/config/styleguide.yml +106 -0
- data/lib/accountingjs_serializer.rb +51 -0
- data/lib/devise/controllers/extension_helpers.rb +52 -0
- data/lib/devise/extension_routes.rb +11 -0
- data/lib/devise/hooks/password_expirable.rb +5 -0
- data/lib/devise/models/password_expirable.rb +28 -0
- data/lib/devise/models/remote_authenticatable.rb +48 -0
- data/lib/devise/strategies/remote_authenticatable.rb +44 -0
- data/lib/devise_extension.rb +36 -0
- data/lib/faraday/adapter/net_http_no_proxy.rb +19 -0
- data/lib/generators/mno_enterprise/database_extension/USAGE +11 -0
- data/lib/generators/mno_enterprise/database_extension/database_extension_generator.rb +36 -0
- data/lib/generators/mno_enterprise/database_extension/templates/model.rb +9 -0
- data/lib/generators/mno_enterprise/dummy/dummy_generator.rb +98 -0
- data/lib/generators/mno_enterprise/dummy/templates/rails/application.rb.erb +9 -0
- data/lib/generators/mno_enterprise/dummy/templates/rails/boot.rb.erb +6 -0
- data/lib/generators/mno_enterprise/dummy/templates/rails/database.yml +22 -0
- data/lib/generators/mno_enterprise/dummy/templates/rails/routes.rb +8 -0
- data/lib/generators/mno_enterprise/dummy/templates/rails/test-env.rb +45 -0
- data/lib/generators/mno_enterprise/install/install_generator.rb +140 -0
- data/lib/generators/mno_enterprise/install/templates/Procfile +1 -0
- data/lib/generators/mno_enterprise/install/templates/config/initializers/mno_enterprise.rb +135 -0
- data/lib/generators/mno_enterprise/install/templates/config/mno_enterprise_styleguide.yml +104 -0
- data/lib/generators/mno_enterprise/install/templates/javascripts/mno_enterprise_extensions.js +7 -0
- data/lib/generators/mno_enterprise/install/templates/stylesheets/main.less_erb +25 -0
- data/lib/generators/mno_enterprise/install/templates/stylesheets/theme.less_erb +59 -0
- data/lib/generators/mno_enterprise/install/templates/stylesheets/variables.less +337 -0
- data/lib/generators/mno_enterprise/install/templates/tasks/sprites.rake +14 -0
- data/lib/generators/mno_enterprise/puma_stack/puma_stack_generator.rb +58 -0
- data/lib/generators/mno_enterprise/templates/scripts/monit/app-server.conf +8 -0
- data/lib/generators/mno_enterprise/templates/scripts/nginx/app +51 -0
- data/lib/generators/mno_enterprise/templates/scripts/puma.rb +25 -0
- data/lib/generators/mno_enterprise/templates/scripts/setup.sh +27 -0
- data/lib/generators/mno_enterprise/templates/scripts/upstart/app-web-hotrestart.conf +26 -0
- data/lib/generators/mno_enterprise/templates/scripts/upstart/app-web-server.conf +34 -0
- data/lib/generators/mno_enterprise/templates/scripts/upstart/app-web.conf +2 -0
- data/lib/generators/mno_enterprise/templates/scripts/upstart/app.conf +11 -0
- data/lib/her_extension/her_orm_adapter.rb +54 -0
- data/lib/her_extension/middleware/mnoe_api_v1_parse_json.rb +54 -0
- data/lib/her_extension/model/associations/association.rb +61 -0
- data/lib/her_extension/model/associations/association_proxy.rb +34 -0
- data/lib/her_extension/model/associations/has_many_association.rb +115 -0
- data/lib/her_extension/model/attributes.rb +43 -0
- data/lib/her_extension/model/orm.rb +59 -0
- data/lib/her_extension/model/parse.rb +40 -0
- data/lib/her_extension/model/relation.rb +92 -0
- data/lib/her_extension/validations/remote_uniqueness_validation.rb +33 -0
- data/lib/html_processor.rb +106 -0
- data/lib/mandrill_client.rb +58 -0
- data/lib/mno-enterprise-core.rb +1 -0
- data/lib/mno_enterprise/concerns.rb +4 -0
- data/lib/mno_enterprise/concerns/controllers.rb +6 -0
- data/lib/mno_enterprise/concerns/controllers/angular_csrf.rb +59 -0
- data/lib/mno_enterprise/concerns/controllers/auth.rb +9 -0
- data/lib/mno_enterprise/concerns/controllers/auth/confirmations_controller.rb +187 -0
- data/lib/mno_enterprise/concerns/controllers/auth/passwords_controller.rb +54 -0
- data/lib/mno_enterprise/concerns/controllers/auth/registrations_controller.rb +136 -0
- data/lib/mno_enterprise/concerns/controllers/auth/sessions_controller.rb +54 -0
- data/lib/mno_enterprise/concerns/controllers/auth/unlocks_controller.rb +50 -0
- data/lib/mno_enterprise/concerns/models.rb +6 -0
- data/lib/mno_enterprise/concerns/models/ability.rb +108 -0
- data/lib/mno_enterprise/concerns/models/app_instance.rb +100 -0
- data/lib/mno_enterprise/concerns/models/organization.rb +102 -0
- data/lib/mno_enterprise/core.rb +279 -0
- data/lib/mno_enterprise/database_extendable.rb +57 -0
- data/lib/mno_enterprise/engine.rb +33 -0
- data/lib/mno_enterprise/testing_support/ability_test_helper.rb +10 -0
- data/lib/mno_enterprise/testing_support/common_rake.rb +19 -0
- data/lib/mno_enterprise/testing_support/factories.rb +13 -0
- data/lib/mno_enterprise/testing_support/factories/app_instances.rb +30 -0
- data/lib/mno_enterprise/testing_support/factories/apps.rb +45 -0
- data/lib/mno_enterprise/testing_support/factories/arrears_situation.rb +14 -0
- data/lib/mno_enterprise/testing_support/factories/audit_event.rb +15 -0
- data/lib/mno_enterprise/testing_support/factories/credit_card.rb +33 -0
- data/lib/mno_enterprise/testing_support/factories/deletion_request.rb +17 -0
- data/lib/mno_enterprise/testing_support/factories/impac/dashboards.rb +15 -0
- data/lib/mno_enterprise/testing_support/factories/impac/kpis.rb +20 -0
- data/lib/mno_enterprise/testing_support/factories/impac/widgets.rb +15 -0
- data/lib/mno_enterprise/testing_support/factories/invoices.rb +51 -0
- data/lib/mno_enterprise/testing_support/factories/org_invite.rb +24 -0
- data/lib/mno_enterprise/testing_support/factories/organizations.rb +25 -0
- data/lib/mno_enterprise/testing_support/factories/team.rb +17 -0
- data/lib/mno_enterprise/testing_support/factories/tenant.rb +12 -0
- data/lib/mno_enterprise/testing_support/factories/tenant_invoice.rb +29 -0
- data/lib/mno_enterprise/testing_support/factories/users.rb +48 -0
- data/lib/mno_enterprise/testing_support/jpi_v1_test_helper.rb +49 -0
- data/lib/mno_enterprise/testing_support/mno_enterprise_api_test_helper.rb +167 -0
- data/lib/mno_enterprise/testing_support/mnoe_faraday_test_adapter.rb +173 -0
- data/lib/mno_enterprise/testing_support/organizations_shared_helpers.rb +175 -0
- data/lib/mno_enterprise/testing_support/user_action_shared.rb +47 -0
- data/lib/mno_enterprise/version.rb +3 -0
- data/lib/tasks/mno_enterprise_tasks.rake +22 -0
- data/spec/controllers/mno_enterprise/angular_csrf_spec.rb +42 -0
- data/spec/lib/her_extension/her_orm_adapter.rb +7 -0
- data/spec/lib/her_extension/model/relation_spec.rb +7 -0
- data/spec/lib/mandrill_client_spec.rb +64 -0
- data/spec/mno_enterprise_spec.rb +79 -0
- data/spec/models/mno_enterprise/app_instance_spec.rb +7 -0
- data/spec/models/mno_enterprise/app_spec.rb +62 -0
- data/spec/models/mno_enterprise/base_resource_spec.rb +28 -0
- data/spec/models/mno_enterprise/deletion_request_spec.rb +26 -0
- data/spec/models/mno_enterprise/invoice_spec.rb +7 -0
- data/spec/models/mno_enterprise/organization_spec.rb +7 -0
- data/spec/models/mno_enterprise/user_spec.rb +44 -0
- data/spec/rails_helper.rb +73 -0
- data/spec/spec_helper.rb +78 -0
- metadata +421 -0
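--- a/data/lib/mandrill_client.rb
+++ b/data/lib/mandrill_client.rb
@@ -0,0 +1,58 @@
+# An interface to the Mandrill API
+# Example usage:
+# MandrillClient.send_template(template_name(string), template_content(array), message(hash))
+module MandrillClient
+class << self
+
+# Store the list of mandrill emails that are pending
+# to be sent
+# Only used for testing
+# E.g: expect { some_action }.to change(MandrillClient.base_deliveries,:count).by(1)
+def base_deliveries
+@base_deliveries ||= []
+end
+
+# Check whether mailers are in test mode or not
+# Emails should not be sent in test mode
+def test?
+(Rails.configuration.action_mailer.delivery_method || '').to_sym == :test
+end
+
+# Return a mandrill client configured with the right API key
+def client
+@client ||= Mandrill::API.new(MnoEnterprise.mandrill_key)
+end
+
+# Send the provided template with options
+# MandrillClient.send_template(template_name(string), template_content(array), message(hash))
+def send_template(*args)
+if self.test?
+self.base_deliveries.push(args)
+else
+self.client.messages.send_template(*args)
+end
+end
+
+# A simpler version of send_template
+#
+# Take in argument:
+# template: name of a mandrill template
+# from: hash describing the sender. E.g.: { name: "John", email: "john.doe@maestrano.com" }
+# to: Array or hash describing the recipient. E.g.: { name: "Jack", email: "jack.doe@maestrano.com" }
+# vars: Mandrill email variables. E.g.: { link: "https://mywebsite.com/confirm_account" }
+# opts: additional parameters to pass to mandrill. See: https://mandrillapp.com/api/docs/messages.ruby.html
+#
+def deliver(template,from,to,vars = {},opts = {})
+# Prepare message from args
+message = { from_name: from[:name], from_email: from[:email]}
+message[:to] = [to].flatten.map { |t| {name: t[:name], email: t[:email], type: (t[:type] || :to) } }
+message[:global_merge_vars] = vars.map { |k,v| {name: k.to_s, content: v} }
+
+# Merge additional mandrill options
+message.merge!(opts)
+
+self.send_template(template,[],message)
+end
+end
+
+end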
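Review bot: In `deliver`, `message.merge!(opts)` runs after `from_name`, `from_email`, `to` and `global_merge_vars` have been set, so any of those keys present in `opts` silently replaces the value built from the explicit arguments. If a caller ever forwards request-derived data in `opts`, that precedence would let it change the recipient list; I would either merge the other way round, `message = opts.merge(message)`, or state the precedence above the method with `# NOTE: keys in opts override from/to/vars`. `from[:name]` and `t[:email]` are also read without any presence check, so a missing sender raises NoMethodError and a recipient without an address is passed on to the Mandrill call instead of failing early.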
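--- a/data/lib/mno-enterprise-core.rb
+++ b/data/lib/mno-enterprise-core.rb
@@ -0,0 +1 @@
+require 'mno_enterprise/core'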
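--- a/data/lib/mno_enterprise/concerns/controllers/angular_csrf.rb
+++ b/data/lib/mno_enterprise/concerns/controllers/angular_csrf.rb
@@ -0,0 +1,59 @@
+# This module allow Angular to works well with Rails CSRF protection
+# It's intended for AngularJS app served outside of the Rails asset pipeline.
+# See
+# - https://technpol.wordpress.com/2014/04/17/rails4-angularjs-csrf-and-devise/
+# - https://technpol.wordpress.com/2014/08/22/10-adding-devise-integration-logon-and-security/
+# for more details
+module MnoEnterprise::Concerns::Controllers::AngularCSRF
+extend ActiveSupport::Concern
+
+#==================================================================
+# Included methods
+#==================================================================
+# 'included do' causes the included code to be evaluated in the
+# context where it is included rather than being executed in the module's context
+included do
+# Prevent CSRF attacks by raising an exception.
+protect_from_forgery with: :exception
+
+after_filter :set_csrf_cookie_for_ng
+
+# Clean up cookies on InvalidAuthenticityRequest
+rescue_from ActionController::InvalidAuthenticityToken do |exception|
+cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
+message = 'CSRF token error, please try again'
+render_with_protection(message.to_json, {status: :unprocessable_entity})
+end
+
+protected
+def set_csrf_cookie_for_ng
+cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
+end
+
+def verified_request?
+super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
+end
+
+# JSON / JSONP XSS protection
+def render_with_protection(object, parameters = {})
+render parameters.merge(content_type: 'application/json', text: ")]}',\n" + object.to_json)
+end
+end
+
+#==================================================================
+# Class methods
+#==================================================================
+module ClassMethods
+# def some_class_method
+# 'some text'
+# end
+end
+
+#==================================================================
+# Instance methods
+#==================================================================
+# GET /resource/password/new
+# def new
+# super
+# end
+end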
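Review bot: The `rescue_from ActionController::InvalidAuthenticityToken` handler passes `message.to_json` to `render_with_protection`, which calls `object.to_json` again, so the client receives a doubly encoded JSON string after the `)]}',` prefix; pass the plain value instead, `render_with_protection(message, status: :unprocessable_entity)`. The `XSRF-TOKEN` cookie is written in two places with no attributes: it has to stay readable by the Angular code, but on an HTTPS deployment it should carry the secure flag, e.g. `cookies['XSRF-TOKEN'] = { value: form_authenticity_token, secure: request.ssl? }`. Defining the helper methods and `protected` inside the `included do` block works, but they would read more conventionally as ordinary module methods below the block.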
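--- a/data/lib/mno_enterprise/concerns/controllers/auth/confirmations_controller.rb
+++ b/data/lib/mno_enterprise/concerns/controllers/auth/confirmations_controller.rb
@@ -0,0 +1,187 @@
+module MnoEnterprise::Concerns::Controllers::Auth::ConfirmationsController
+extend ActiveSupport::Concern
+
+#==================================================================
+# Included methods
+#==================================================================
+# 'included do' causes the included code to be evaluated in the
+# context where it is included rather than being executed in the module's context
+included do
+before_filter :signed_in_and_unconfirmed, only: [:lounge,:update]
+
+private
+# Redirects unless user is signed in and not confirmed yet
+def signed_in_and_unconfirmed
+resource = resource_class.to_adapter.get((send(:"current_#{resource_name}") || MnoEnterprise::User.new).to_key)
+return true if resource && !resource.confirmed?
+
+redirect_to mno_enterprise.myspace_path
+return false
+end
+end
+
+#==================================================================
+# Class methods
+#==================================================================
+module ClassMethods
+# def some_class_method
+# 'some text'
+# end
+end
+
+#==================================================================
+# Instance methods
+#==================================================================
+# GET /resource/confirmation/new
+# def new
+# super
+# end
+
+# POST /resource/confirmation
+# def create
+# super
+# end
+
+# GET /resource/confirmation?confirmation_token=abcdef
+# Override to display a form for the user to fill the final registration details
+def show
+@confirmation_token = params[:confirmation_token]
+self.resource = resource_class.find_for_confirmation(@confirmation_token)
+
+# Exit if no resources
+unless resource.errors.empty?
+yield(:error, resource) if block_given?
+respond_with_navigational(resource.errors, status: :unprocessable_entity){ render :new }
+return
+end
+
+# Case 1: user is confirmed but trying to confirm a new email address (change of email)
+# Case 2: user is a new user - in this case a form is displayed with final details to fill
+# Case 3: user is confirmed and clicking again on the link
+if resource.confirmed?
+resource.perform_confirmation(@confirmation_token)
+
+if resource.errors.empty?
+sign_in(resource)
+set_flash_message(:notice, :confirmed) if is_flashing_format?
+yield(:reconfirmation_success, resource) if block_given?
+respond_with_navigational(resource){ redirect_to after_confirmation_path_for(resource_name, resource) }
+else
+respond_with_navigational(resource.errors, status: :unprocessable_entity){ render :new }
+end
+return
+end
+
+# Check if phone number should be required
+# Bypassed for invited users
+@phone_required = resource.organizations.map(&:users).flatten.count == 1
+yield(:success, resource) if block_given?
+end
+
+# POST /resource/confirmation/finalize
+# Confirm a new user and update
+def finalize
+@confirmation_token = params[:user].delete(:confirmation_token)
+self.resource = resource_class.find_for_confirmation(@confirmation_token)
+
+# Exit action and redirect if user is already confirmed
+if resource && resource.confirmed?
+yield(:already_confirmed, resource) if block_given?
+redirect_to after_confirmation_path_for(resource_name, resource)
+return
+end
+
+if resource.errors.empty?
+resource.assign_attributes(params[:user]) unless resource.confirmed?
+resource.perform_confirmation(@confirmation_token)
+resource.save
+sign_in resource, bypass: true
+set_flash_message(:notice, :confirmed) if is_flashing_format?
+yield(:success,resource) if block_given?
+MnoEnterprise::EventLogger.info('user_confirm', resource.id, 'User confirmed', nil, resource)
+respond_with_navigational(resource){ redirect_to after_confirmation_path_for(resource_name, resource, new_user: true) }
+else
+yield(:error,resource) if block_given?
+respond_with_navigational(resource.errors, status: :unprocessable_entity){ render :new }
+end
+end
+
+# TODO: specs
+# GET /resource/confirmation/lounge
+def lounge
+self.resource = @resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
+yield(:success,resource) if block_given?
+end
+
+# TODO: specs
+# PUT /resource/confirmation
+def update
+self.resource = @resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
+
+# Redirect straight away if no changes
+if @resource.email == params[:user][:email]
+@resource.resend_confirmation_instructions
+redirect_to mno_enterprise.user_confirmation_lounge_path, notice: "The confirmation email has been resent."
+return
+end
+
+# Update email
+previous_email = @resource.email
+@resource.email = params[:user][:email]
+@resource.skip_reconfirmation!
+
+if @resource.save
+@resource.resend_confirmation_instructions
+yield(:success,resource) if block_given?
+redirect_to mno_enterprise.user_confirmation_lounge_path, notice: "'Email updated! A confirmation email has been resent."
+else
+# Rollback
+#@resource.restore_email!
+yield(resource,:error) if block_given?
+render 'lounge'
+end
+end
+
+protected
+# The path used after resending confirmation instructions.
+# def after_resending_confirmation_instructions_path_for(resource_name)
+# super(resource_name)
+# end
+
+# The path used after confirmation.
+# Confirm any outstanding organization invite
+# TODO: invite acceptance logic should be moved to the 'show' action
+def after_confirmation_path_for(resource_name, resource, opts = {})
+return new_user_session_path unless resource
+
+# 3 days is the duration of an invite.
+if resource.created_at > 3.days.ago
+# First auto confirm the orga invite if user has pending
+# invites
+# Get invites from previous_url (user was accepting invite but didn't have an account)
+org_invites = []
+if !session[:previous_url].blank? && (r = session[:previous_url].match(/\/org_invites\/(\d+)\?token=(\w+)/))
+invite_params = { id: r.captures[0].to_i, token: r.captures[1] }
+org_invites << MnoEnterprise::OrgInvite.where(invite_params).first
+end
+
+# Get remaining invites via email address
+org_invites << MnoEnterprise::OrgInvite.where(user_email: resource.email).to_a
+org_invites.flatten!
+org_invites.uniq!
+
+# Accept the invites
+org_invites.each do |org_invite|
+org_invite.accept!(resource) unless org_invite.expired?
+end
+end
+
+if MnoEnterprise.style.workflow.signup_onboarding && opts[:new_user]
+mno_enterprise.user_setup_index_path
+elsif opts[:new_user]
+after_sign_in_path_for(resource)
+else
+signed_in_root_path(resource)
+end
+end
+end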
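Review bot: `finalize` passes the raw `params[:user]` hash to `resource.assign_attributes`, so unless the model filters attributes itself (not visible in this diff) the holder of a confirmation token can set any user attribute, not only the fields of the finalize form; the parameters should go through a `permit` whitelist like the one `configure_sign_up_params` applies at sign-up. The same action ignores the results of `perform_confirmation` and `resource.save` and calls `sign_in resource, bypass: true` even when either failed, whereas `show` checks `resource.errors.empty?` first. `params[:user].delete` also raises NoMethodError when the `user` key is absent from the request. Separately, in `after_confirmation_path_for` the `.first` pushed into `org_invites` can be nil, which makes `org_invite.expired?` raise; an `org_invites.compact!` before the loop avoids that. The field list in the sketch below is an assumption and has to be checked against the finalize form.

```ruby
def finalize
  user_params = params.require(:user)
  @confirmation_token = user_params.delete(:confirmation_token)
  # … unchanged: find_for_confirmation and the already-confirmed redirect …

  if resource.errors.empty?
    # Assumed field list; confirm against the finalize form
    permitted = user_params.permit(:name, :surname, :company, :phone, :phone_country_code,
                                   :password, :password_confirmation)
    resource.assign_attributes(permitted) unless resource.confirmed?
    resource.perform_confirmation(@confirmation_token)

    if resource.errors.empty? && resource.save
      sign_in resource, bypass: true
      # … unchanged: flash message, yield(:success), EventLogger call, redirect …
    else
      yield(:error, resource) if block_given?
      respond_with_navigational(resource.errors, status: :unprocessable_entity) { render :new }
    end
  else
    # … unchanged: error branch …
  end
end
```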
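--- a/data/lib/mno_enterprise/concerns/controllers/auth/passwords_controller.rb
+++ b/data/lib/mno_enterprise/concerns/controllers/auth/passwords_controller.rb
@@ -0,0 +1,54 @@
+module MnoEnterprise::Concerns::Controllers::Auth::PasswordsController
+extend ActiveSupport::Concern
+
+#==================================================================
+# Included methods
+#==================================================================
+# 'included do' causes the included code to be evaluated in the
+# context where it is included rather than being executed in the module's context
+included do
+end
+
+#==================================================================
+# Class methods
+#==================================================================
+module ClassMethods
+# def some_class_method
+# 'some text'
+# end
+end
+
+#==================================================================
+# Instance methods
+#==================================================================
+# GET /resource/password/new
+# def new
+# super
+# end
+
+# POST /resource/password
+# def create
+# super
+# end
+
+# GET /resource/password/edit?reset_password_token=abcdef
+# def edit
+# super
+# end
+
+# PUT /resource/password
+# def update
+# super
+# end
+
+# protected
+
+# def after_resetting_password_path_for(resource)
+# super(resource)
+# end
+
+# The path used after sending reset password instructions
+# def after_sending_reset_password_instructions_path_for(resource_name)
+# super(resource_name)
+# end
+end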
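--- a/data/lib/mno_enterprise/concerns/controllers/auth/registrations_controller.rb
+++ b/data/lib/mno_enterprise/concerns/controllers/auth/registrations_controller.rb
@@ -0,0 +1,136 @@
+module MnoEnterprise::Concerns::Controllers::Auth::RegistrationsController
+extend ActiveSupport::Concern
+
+#==================================================================
+# Included methods
+#==================================================================
+# 'included do' causes the included code to be evaluated in the
+# context where it is included rather than being executed in the module's context
+included do
+before_filter :configure_sign_up_params, only: [:create]
+# before_filter :configure_account_update_params, only: [:update]
+
+protected
+def configure_sign_up_params
+devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(
+:email,
+:password,
+:password_confirmation,
+:name,
+:surname,
+:company,
+:phone,
+:phone_country_code
+)}
+end
+end
+
+#==================================================================
+# Class methods
+#==================================================================
+module ClassMethods
+# def some_class_method
+# 'some text'
+# end
+end
+
+#==================================================================
+# Instance methods
+#==================================================================
+# GET /resource/sign_up
+# def new
+# super
+# end
+
+# POST /resource
+def create
+build_resource(sign_up_params)
+resource.password ||= Devise.friendly_token
+
+resource_saved = resource.save
+
+if resource_saved
+if resource.active_for_authentication?
+set_flash_message :notice, :signed_up if is_flashing_format?
+sign_up(resource_name, resource)
+yield(:success,resource) if block_given?
+respond_with resource, location: after_sign_up_path_for(resource)
+else
+set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
+expire_data_after_sign_in!
+yield(:success_but_inactive,resource) if block_given?
+respond_with resource, location: after_inactive_sign_up_path_for(resource)
+end
+else
+clean_up_passwords resource
+@validatable = devise_mapping.validatable?
+if @validatable
+@minimum_password_length = resource_class.password_length.min
+end
+yield(:error,resource) if block_given?
+respond_with resource
+end
+end
+
+# GET /resource/edit
+# def edit
+# super
+# end
+
+# PUT /resource
+# def update
+# super
+# end
+
+# DELETE /resource
+# def destroy
+# super
+# end
+
+# GET /resource/cancel
+# Forces the session data which is usually expired after sign
+# in to be expired now. This is useful if the user wants to
+# cancel oauth signing in/up in the middle of the process,
+# removing all OAuth session data.
+# def cancel
+# super
+# end
+
+protected
+
+# You can put the params you want to permit in the empty array.
+# def configure_account_update_params
+# devise_parameter_sanitizer.for(:account_update) << :attribute
+# end
+
+# The path used after sign up.
+def after_sign_up_path_for(resource)
+mno_enterprise.user_confirmation_lounge_path
+end
+
+# The path used after sign up for inactive accounts.
+# def after_inactive_sign_up_path_for(resource)
+# super(resource)
+# end
+
+def sign_up_params
+attrs = super
+attrs.merge(orga_on_create: create_orga_on_user_creation(attrs))
+end
+
+# Check whether we should create an organization for the user
+def create_orga_on_user_creation(user_attrs)
+return false unless user_attrs['email']
+
+# First check previous url to see if the user
+# was trying to accept an orga
+orga_invites = []
+if !session[:previous_url].blank? && (r = session[:previous_url].match(/\/orga_invites\/(\d+)\?token=(\w+)/))
+invite_params = { id: r.captures[0].to_i, token: r.captures[1] }
+return false if MnoEnterprise::OrgInvite.where(invite_params).any?
+end
+
+# Get remaining invites via email address
+return MnoEnterprise::OrgInvite.where(user_email: user_attrs['email']).empty?
+end
+end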
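Review bot: `create_orga_on_user_creation` matches `session[:previous_url]` against `/\/orga_invites\/(\d+)\?token=(\w+)/`, while `after_confirmation_path_for` in ConfirmationsController parses the same session value with `/org_invites/`; only one of the two can match the real invite route, and if that route is `org_invites` (the routes file is not shown here) this check never fires and the decision falls back to the e-mail lookup alone. I would share one constant between the two concerns, for example `ORG_INVITE_URL = %r{/org_invites/(\d+)\?token=(\w+)}`, once the correct path is confirmed. The local `orga_invites = []` is never read and can be dropped. A short comment on `resource.password ||= Devise.friendly_token` in `create`, such as `# random placeholder password; presumably replaced when the user finalizes confirmation`, would explain why sign-up accepts a missing password.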