mno-enterprise-core 3.1.4 → 3.2.0

data/lib/her_extension/model/associations/association_proxy.rb

@@ -3,24 +3,28 @@ module Her
   module Model
     module Associations
       class AssociationProxy < (ActiveSupport.const_defined?('ProxyObject') ? ActiveSupport::ProxyObject : ActiveSupport::BasicObject)
-        
+
         install_proxy_methods :association,
           :build, :create, :update, :destroy, :where, :find, :all, :assign_nested_attributes, :reload, :order, :order_by, :limit, :skip
-        
-        
+
+        # Returns true if the association has been loaded, otherwise false.
+        def loaded?
+          !!association.instance_variable_get('@cached_result')
+        end
+
         def method_missing(name, *args, &block)
           if :object_id == name # avoid redefining object_id
             return association.fetch.object_id
           end
-          
+
           # Check if a class scope has previously been defined
           begin
             if Relation.scopes.keys.grep(::Regexp.new(name.to_s)).any?
               return self.association.send(name,*args,&block)
             end
-          rescue ::NoMethodError => e     
+          rescue ::NoMethodError => e
           end
-          
+
           # create a proxy to the fetched object's method
           # https://github.com/remiprev/her/pull/377
           AssociationProxy.install_proxy_methods 'association.fetch', name

data/lib/mno_enterprise/concerns/controllers/auth/confirmations_controller.rb

@@ -98,7 +98,7 @@ module MnoEnterprise::Concerns::Controllers::Auth::ConfirmationsController
       sign_in resource, bypass: true
       set_flash_message(:notice, :confirmed) if is_flashing_format?
       yield(:success,resource) if block_given?
-      MnoEnterprise::EventLogger.info('user_confirm', resource.id, 'User confirmed', nil, resource)
+      MnoEnterprise::EventLogger.info('user_confirm', resource.id, 'User confirmed', resource)
       respond_with_navigational(resource){ redirect_to after_confirmation_path_for(resource_name, resource, new_user: true) }
     else
       yield(:error,resource) if block_given?

data/lib/mno_enterprise/concerns/controllers/auth/omniauth_callbacks_controller.rb

@@ -0,0 +1,203 @@
+# This controller is used to handle the authentication (+creation) of external
+# users via OpenID (e.g: QuickBooks OpenID)
+#
+# When users click on the "sign in with <provider>" button, they get redirected
+# to the authorize endpoint (/users/auth/:provider - e.g: /users/auth/intuit).
+# The action (handled by parent controller OmniauthCallbacksController) prepares
+# the callback url then redirects the user to the OpenID provider (E.g: Intuit)
+# for authentication.
+#
+# Once authentication has been performed at the OpenID provider level (e.g: Intuit)
+# the user gets redirected to the callback endpoint (/users/auth/:provider/callback)
+# The provider parameter in the url (E.g: intuit) gets automatically redirected to a
+# controller action with the same name (handled by parent controller OmniauthCallbacksController)
+# as you can see below with intuit.
+#
+# Then provider specific action then handles the (creation +) authentication of the user.
+# Also, it automatically adds the right applications to the user dashboard (e.g: QuickBooks for
+# Intuit)
+#
+# Intuit:
+# --------
+# For intuit, the authorize endpoint is be bypassed when the user clicks "try Maestrano" from
+# the Intuit marketplace. The user automatically lands on the callback endpoints with a parameter
+# in the url called 'qb_initiated'. This parameter is used to automatically trigger the retrieval
+# of the oauth token in the background via javascript (by storing the temporary grant url in session)
+#
+# On Intuit, it is also possible to directly choose one of the apps proposed by Maestrano (E.g: 'SugarCRM
+# by Maestrano'). In this case, an 'app' attribute containing the app nid (named id - e.g: 'sugarcrm') is
+# added to the url parameters. The action then setup the app automatically (along with QuickBooks).
+#
+#
+module MnoEnterprise::Concerns::Controllers::Auth::OmniauthCallbacksController
+  extend ActiveSupport::Concern
+
+  #==================================================================
+  # Included methods
+  #==================================================================
+  included do
+    skip_filter :verify_authenticity_token, only: [:intuit]
+
+    providers = Devise.omniauth_providers & %i(linkedin google facebook)
+
+    providers.each do |provider|
+      provides_callback_for provider
+    end
+  end
+
+  #==================================================================
+  # Class methods
+  #==================================================================
+  module ClassMethods
+    def provides_callback_for(provider)
+      class_eval %Q{
+        def #{provider}
+          auth = env["omniauth.auth"]
+          opts = { orga_on_create: create_orga_on_user_creation(auth.info.email) }
+
+          @user = MnoEnterprise::User.find_for_oauth(auth, opts, current_user)
+
+          if @user.persisted?
+            sign_in_and_redirect @user, event: :authentication
+            set_flash_message(:notice, :success, kind: "#{provider}".capitalize) if is_navigational_format?
+          else
+            session["devise.#{provider}_data"] = env["omniauth.auth"]
+            redirect_to new_user_registration_url
+          end
+        end
+      }
+    end
+  end
+
+  #==================================================================
+  # Instance methods
+  #==================================================================
+  # GET|POST /users/auth/:action/callback
+  def intuit
+    auth = request.env['omniauth.auth']
+    opts = {
+      orga_on_create: create_orga_on_user_creation(auth.info.email),
+      authorized_link_to_email: session['omniauth.intuit.authorized_link_to_email']
+    }
+
+    # Try to find via intuit
+    begin
+      @user = MnoEnterprise::User.find_for_oauth(auth, opts, current_user)
+    rescue SecurityError
+      # Intuit email is NOT a confirmed email. Therefore we need to ask the user to
+      # login the old fashion to make sure it is the right user!
+      session["omniauth.intuit.request_account_link"] = true
+      redirect_to new_user_session_path, notice: "Please sign in using your regular Maestrano account to confirm that you want to link it to your Intuit account"
+      return
+    end
+
+    # Cleanup any temporary omniauth.intuit session
+    cleanup_intuit_session
+
+    if @user && @user.persisted?
+      # Automatically adds a QuickBooks app (and any other app passed via :app param)
+      # to the user orga
+      # Only for new users for which an orga was created (not an invited user
+      # typically)
+      app_instances = setup_apps(@user,['quickbooks',params[:app]], oauth_keyset: params[:app])
+      qb_instance = app_instances.first
+
+      # On Intuit, Mno is configured to add qb_initiated=true if the user
+      # comes directly from apps.com (This is a different workflow from using
+      # the QuickBooks connect button because we're supposed to trigger the
+      # oauth workflow directly via javascript using directConnectToIntuit)
+      # Here we store in session the fact that we need to trigger an oauth
+      # workflow via directConnectToIntuit
+      # ----
+      # See layouts/partners/intuit for more info. The session param set
+      # below get reset in the view.
+      #
+      if params[:qb_initiated] && qb_instance && !qb_instance.oauth_keys_valid?
+        session[:qb_direct_connect_grant_url] = authorize_webhook_oauth_url(qb_instance.uid)
+      end
+
+      # The above methods trigger many different hooks which
+      # may impact the user (typically user workspace). It is safer
+      # to reload the user before continuing so that the picture
+      # is up to date
+      @user.reload
+
+      # Check whether we should redirect the user to a specific
+      # url
+      redirect_url = session.delete(:openid_previous_url) || MnoEnterprise.router.dashboard_path || main_app.root_path
+
+      sign_in @user
+      redirect_to redirect_url, event: :authentication
+
+      set_flash_message(:notice, :success, kind: "Intuit") if is_navigational_format?
+    else
+      session["devise.intuit_data"] = request.env["omniauth.auth"]
+      redirect_to home_url, "ng-controller" => "MnoSignupProcessCtrl", "ng-click" => "startProcess()"
+    end
+  end
+
+  #================================================
+  # Private methods
+  #================================================
+  private
+
+    def cleanup_intuit_session
+      session.delete("omniauth.intuit.passthru_email")
+      session.delete("omniauth.intuit.request_account_link")
+    end
+
+    # Whether to create an orga on user creation
+    def create_orga_on_user_creation(user_email = nil)
+      return false if user_email.blank?
+      return false if MnoEnterprise::User.exists?(email: user_email)
+
+      # First check previous url to see if the user
+      # was trying to accept an orga
+      if !session[:previous_url].blank? && (r = session[:previous_url].match(/\/orga_invites\/(\d+)\?token=(\w+)/))
+        invite_params = { id: r.captures[0].to_i, token: r.captures[1] }
+        return false if OrgInvite.where(invite_params).any?
+      end
+
+      # Get remaining invites via email address
+      return MnoEnterprise::OrgInvite.where(user_email: user_email).empty?
+    end
+
+    # Create or find the apps provided in argument
+    # Accept an array of app nid (named id - e.g: 'quickbooks')
+    # opts:
+    #   oauth_keyset: If a oauth_keyset is provided then it will be added to the
+    # oauth_keys of any app that is oauth ready (QuickBooks for example)
+    #
+    # Return an array of app instances (found or created)
+    def setup_apps(user = nil, app_nids = [], opts = {})
+      return [] unless user
+      return [] unless (user.organizations.reload.count == 1)
+      return [] unless (org = user.organizations.first)
+      return [] unless MnoEnterprise::Ability.new(user).can?(:edit,org)
+
+      results = []
+
+      apps = MnoEnterprise::App.where('nid.in' => app_nids.compact)
+      existing = org.app_instances.active.index_by(&:app_id)
+
+      # For each app nid (which is not nil), try to find an existing instance or create one
+      apps.each do |app|
+        if (app_instance = existing[app.id])
+          results << app_instance
+        else
+          # Provision instance and add to results
+          app_instance = org.app_instances.create(product: app.nid)
+          results << app_instance
+          MnoEnterprise::EventLogger.info('app_add', user.id, 'App added', app_instance)
+        end
+
+        # Add oauth keyset if defined and app_instance is
+        # oauth ready and does not have a valid set of oauth keys
+        if app_instance && opts[:oauth_keyset].present? && !app_instance.oauth_keys_valid?
+          app_instance.oauth_keys = { keyset: opts[:oauth_keyset] }
+          app_instance.save
+        end
+      end
+      return results
+    end
+end

data/lib/mno_enterprise/concerns/models/ability.rb

@@ -109,6 +109,34 @@ module MnoEnterprise::Concerns::Models::Ability
         !!user.role(org) && ['Super Admin', 'Admin'].include?(user.role(org))
       end
     end
+
+    can :manage_dashboard, MnoEnterprise::Impac::Dashboard do |dashboard|
+      if dashboard.owner_type == "Organization"
+        # The current user is a member of the organization that owns the dashboard that has the kpi attached to
+        owner = MnoEnterprise::Organization.find(dashboard.owner_id)
+        owner && !!user.role(owner)
+      elsif dashboard.owner_type == "User"
+        # The current user is the owner of the dashboard that has the kpi attached to
+        dashboard.owner_id == user.id
+      else
+        false
+      end
+    end
+
+    can :manage_widget, MnoEnterprise::Impac::Widget do |widget|
+      dashboard = widget.dashboard
+      authorize! :manage_dashboard, dashboard
+    end
+
+    can :manage_kpi, MnoEnterprise::Impac::Kpi do |kpi|
+      dashboard = kpi.dashboard
+      authorize! :manage_dashboard, dashboard
+    end
+
+    can :manage_alert, MnoEnterprise::Impac::Alert do |alert|
+      kpi = alert.kpi
+      authorize! :manage_kpi, kpi
+    end
   end
 
   # Abilities for admin user

data/lib/mno_enterprise/concerns/models/app_instance.rb

@@ -40,13 +40,13 @@ module MnoEnterprise::Concerns::Models::AppInstance
   included do
     attributes :id, :uid, :name, :status, :app_id, :created_at, :updated_at, :started_at, :stack, :owner_id,
     :owner_type, :terminated_at, :stopped_at, :billing_type, :autostop_at, :autostop_interval,
-    :next_status, :soa_enabled, :oauth_keys_valid, :oauth_company
+    :next_status, :soa_enabled, :oauth_company, :oauth_keys, :oauth_keys_valid, :free_trial_end_at, :per_user_licence, :active_licences_count
 
     #==============================================================
     # Constants
     #==============================================================
-    ACTIVE_STATUSES = [:running,:stopped,:staged,:provisioning,:starting,:stopping,:updating]
-    TERMINATION_STATUSES = [:terminating,:terminated]
+    ACTIVE_STATUSES = [:running, :stopped, :staged, :provisioning, :starting, :stopping, :updating]
+    TERMINATION_STATUSES = [:terminating, :terminated]
 
     #==============================================================
     # Associations
@@ -55,7 +55,7 @@ module MnoEnterprise::Concerns::Models::AppInstance
     belongs_to :app, class_name: 'MnoEnterprise::App'
 
     # Define connector_stack?, cloud_stack? etc. methods
-    [:cube,:cloud,:connector].each do |stackname|
+    [:cube, :cloud, :connector].each do |stackname|
       define_method("#{stackname}_stack?") do
         self.stack == stackname.to_s
       end
@@ -89,8 +89,26 @@ module MnoEnterprise::Concerns::Models::AppInstance
     ACTIVE_STATUSES.include?(self.status.to_sym)
   end
 
+  def per_user_licence?
+    self.per_user_licence
+  end
+
+  def under_free_trial?
+    self.under_free_trial
+  end
+
   def running?
     self.status == 'running'
   end
 
+  def to_audit_event
+    {
+      id: id,
+      uid: uid,
+      name: name,
+      app_nid: app ? app.nid : nil
+    }
+  end
+
+
 end

data/lib/mno_enterprise/concerns/models/intercom_user.rb

@@ -0,0 +1,28 @@
+require 'openssl'
+
+module MnoEnterprise::Concerns::Models::IntercomUser
+  extend ActiveSupport::Concern
+
+  #==================================================================
+  # Included methods
+  #==================================================================
+  # 'included do' causes the included code to be evaluated in the
+  # context where it is included rather than being executed in the module's context
+  included do
+  end
+
+  #==================================================================
+  # Class methods
+  #==================================================================
+  module ClassMethods
+  end
+
+  #==================================================================
+  # Instance methods
+  #==================================================================
+  # Return intercom user hash
+  # This is used in secure mode
+  def intercom_user_hash
+    OpenSSL::HMAC.hexdigest('sha256', MnoEnterprise.intercom_api_secret, (self.id || self.email).to_s) if MnoEnterprise.intercom_api_secret
+  end
+end

data/lib/mno_enterprise/concerns/models/organization.rb

@@ -51,6 +51,7 @@ module MnoEnterprise::Concerns::Models::Organization
     has_one  :credit_card, class_name: 'MnoEnterprise::CreditCard'
     has_many :teams, class_name: 'MnoEnterprise::Team'
     has_many :dashboards, class_name: 'MnoEnterprise::Impac::Dashboard'
+    has_many :widgets, class_name: 'MnoEnterprise::Impac::Widget'
     has_one :raw_last_invoice, class_name: 'MnoEnterprise::Invoice', path: '/last_invoice'
     has_one :app_instances_sync, class_name: 'MnoEnterprise::AppInstancesSync'
   end
@@ -73,7 +74,7 @@ module MnoEnterprise::Concerns::Models::Organization
   # @params [Boolean] show_staged Also displayed staged invites (ie: not sent)
   def members(show_staged=false)
     invites = show_staged ? self.org_invites.active_or_staged : self.org_invites.active
-    [self.users, invites].flatten
+    [self.users, invites.to_a].flatten
   end
 
   # Add a user to the organization with the provided role
@@ -102,4 +103,16 @@ module MnoEnterprise::Concerns::Models::Organization
   def update_user(user, role = 'Member')
     self.users.update(id: user.id, role: role)
   end
+
+  def to_audit_event
+    {
+      id: id,
+      uid: uid,
+      name: name
+    }
+  end
+
+  def payment_restriction
+    meta_data && meta_data['payment_restriction']
+  end
 end

data/lib/mno_enterprise/concerns/models/team.rb

@@ -0,0 +1,67 @@
+# == Schema Information
+#
+# Endpoint:
+#  - /v1/teams
+#  - /v1/organizations/:organization_id/teams
+#
+#  id              :integer         not null, primary key
+#  name            :string(255)
+#  created_at      :datetime        not null
+#  updated_at      :datetime        not null
+#  organization_id :integer
+#
+
+module MnoEnterprise::Concerns::Models::Team
+  extend ActiveSupport::Concern
+
+  #==================================================================
+  # Included methods
+  #==================================================================
+  # 'included do' causes the included code to be evaluated in the
+  # context where it is included rather than being executed in the module's context
+  included do
+    attributes :id, :name, :organization_id
+
+    #=====================================
+    # Associations
+    #=====================================
+    belongs_to :organization, class_name: 'MnoEnterprise::Organization'
+    has_many :users, class_name: 'MnoEnterprise::User'
+    has_many :app_instances, class_name: 'MnoEnterprise::AppInstance'
+  end
+
+  #==================================================================
+  # Class methods
+  #==================================================================
+  module ClassMethods
+    # def some_class_method
+    #   'some text'
+    # end
+  end
+
+  #==================================================================
+  # Instance methods
+  #==================================================================
+  # Add a user to the team
+  # TODO: specs
+  def add_user(user)
+    self.users.create(id: user.id)
+  end
+
+  # Remove a user from the team
+  # TODO: specs
+  def remove_user(user)
+    self.users.destroy(id: user.id)
+  end
+
+  # Set the app_instance permissions of this team
+  # Accept a collection of hashes or an array of ids
+  # TODO: specs
+  def set_access_to(collection_or_array)
+    # Empty arrays do not seem to be passed in the request. Force value in this case
+    list = collection_or_array.empty? ? [""] : collection_or_array
+    self.put(data: { set_access_to: list })
+    self.reload
+    self
+  end
+end

data/lib/mno_enterprise/core.rb

@@ -21,6 +21,7 @@ require "her_extension/model/associations/belongs_to_association"
 require "her_extension/middleware/mnoe_api_v1_parse_json"
 require "her_extension/middleware/mnoe_raise_error"
 require "faraday_middleware"
+require "httparty"
 require "mno_enterprise/engine"
 
 require 'mno_enterprise/database_extendable'
@@ -29,8 +30,7 @@ require 'mno_enterprise/database_extendable'
 require 'config'
 require 'figaro'
 
-require "mandrill_client"
-
+require 'mandrill_client'
 require 'accountingjs_serializer'
 
 module MnoEnterprise
@@ -52,7 +52,7 @@ module MnoEnterprise
     end
 
     def terms_url
-      @terms_url || '#'
+      @terms_url || '/mnoe/terms'
     end
 
     def admin_path
@@ -213,6 +213,23 @@ module MnoEnterprise
   mattr_accessor :google_tag_container
   @@google_tag_container = nil
 
+  mattr_accessor :intercom_app_id
+  @@intercom_app_id = nil
+
+  mattr_accessor :intercom_api_secret
+  @@intercom_api_secret = nil
+
+  mattr_accessor :intercom_api_key
+  @@intercom_api_key = nil
+
+  mattr_accessor :intercom_token
+  @@intercom_token = nil
+
+  # Define if Intercom is enabled. Only if the gem intercom is present
+  def self.intercom_enabled?
+    defined?(::Intercom) && ((intercom_app_id && intercom_api_key) || intercom_token)
+  end
+
   #====================================
   # Layout & Styling
   #====================================
@@ -248,6 +265,8 @@ module MnoEnterprise
     @@style
   end
 
+
+
   # Default way to setup MnoEnterprise. Run rails generate mno-enterprise:install to create
   # a fresh initializer with all configuration values.
   def self.configure

data/lib/mno_enterprise/impac_client.rb

@@ -0,0 +1,19 @@
+module MnoEnterprise
+  class ImpacClient
+    include HTTParty
+
+    def self.host
+      "#{Settings.impac.protocol}://#{Settings.impac.host}"
+    end
+
+    def self.endpoint_url(endpoint, params)
+      "#{File.join(host,endpoint)}?#{params.to_query}"
+    end
+
+    def self.send_get(endpoint, params, opts={})
+      url = endpoint_url(endpoint, params)
+      get(url, opts)
+    end
+
+  end
+end

data/lib/mno_enterprise/mail_adapters/mandrill_adapter.rb

@@ -16,7 +16,10 @@ module MnoEnterprise
           # Prepare message from args
           message = { from_name: from[:name], from_email: from[:email]}
           message[:to] = [to].flatten.map { |t| {name: t[:name], email: t[:email], type: (t[:type] || :to) } }
-          message[:global_merge_vars] = vars.map { |k,v| {name: k.to_s, content: v} }
+
+          # Sanitize merge vars
+          full_sanitizer = Rails::Html::FullSanitizer.new
+          message[:global_merge_vars] = vars.map { |k,v| {name: k.to_s, content: full_sanitizer.sanitize(v)} }
 
           # Merge additional mandrill options
           message.merge!(opts)

data/lib/mno_enterprise/testing_support/factories/app_review.rb

@@ -0,0 +1,51 @@
+# Read about factories at https://github.com/thoughtbot/factory_girl
+
+FactoryGirl.define do
+  factory :mno_enterprise_app_review, :class => 'AppReview' do
+
+    factory :app_review, class: MnoEnterprise::AppReview do
+      sequence(:id)
+      description 'Some Description'
+      status 'approved'
+      rating 3
+      app_id 'app-id'
+      app_name 'the app'
+      user_id 'usr-11'
+      user_name 'Jean Bon'
+      organization_id 'org-11'
+      organization_name 'Organization 11'
+      created_at 3.days.ago
+      updated_at 1.hour.ago
+      edited true
+      edited_by_name 'Jane Dale'
+      edited_by_admin_role 'admin'
+      edited_by_id 1
+
+      user_admin_role 'admin'
+      # Properly build the resource with Her
+      initialize_with { new(attributes).tap { |e| e.clear_attribute_changes! } }
+
+      factory :app_feedback, class: MnoEnterprise::AppFeedback do
+        type 'Feedback'
+        sequence(:description) { |n| "Feedback ##{n}" }
+      end
+
+      factory :app_question, class: MnoEnterprise::AppQuestion do
+        type 'Question'
+        sequence(:description) { |n| "Question ##{n}" }
+      end
+
+      factory :app_comment, class: MnoEnterprise::AppComment do
+        type 'Comment'
+        sequence(:description) { |n| "Comment ##{n}" }
+        feedback_id 'feedback-id'
+      end
+
+      factory :app_answer, class: MnoEnterprise::AppAnswer do
+        type 'Answer'
+        sequence(:description) { |n| "Answer ##{n}" }
+        question_id 'question-id'
+      end
+    end
+  end
+end

data/lib/mno_enterprise/testing_support/factories/apps.rb

@@ -5,7 +5,7 @@ FactoryGirl.define do
     sequence(:id) { |n| n }
     sequence(:name) { |n| "TestApp#{n}" }
     nid { name.parameterize }
-    
+
     description "This is a description"
     created_at 1.day.ago
     updated_at 2.hours.ago
@@ -14,30 +14,32 @@ FactoryGirl.define do
     slug { "#{id}-myapp" }
     categories ["CRM"]
     tags ['Foo', 'Bar']
-    key_benefits ['Super','Hyper','Good']
-    key_features ['Super','Hyper','Good']
-    testimonials [{text:'Bla', company:'Doe Pty Ltd', author: 'John'}]
+    key_benefits ['Super', 'Hyper', 'Good']
+    key_features ['Super', 'Hyper', 'Good']
+    testimonials [{text: 'Bla', company: 'Doe Pty Ltd', author: 'John'}]
     worldwide_usage 120000
     tiny_description "A great app"
     stack 'cube'
     terms_url "http://opensource.org/licenses/MIT"
     appinfo { {} }
+    average_rating { rand(1..5) }
     sequence(:rank) { |n| n }
-    pricing_plans {{
-      'default' =>[{name: 'Monthly Plan', price: '20.0', currency: 'AUD', factor: '/month'}]
-    }}
+    running_instances_count { rand(0..10) }
+    pricing_plans { {
+      'default' => [{name: 'Monthly Plan', price: '20.0', currency: 'AUD', factor: '/month'}]
+    } }
 
     trait :cloud do
       stack 'cloud'
     end
-  
+
     trait :connector do
       stack 'connector'
     end
-  
+
     factory :cloud_app, traits: [:cloud]
     factory :connector_app, traits: [:connector]
-    
+
     # Properly build the resource with Her
     initialize_with { new(attributes).tap { |e| e.clear_attribute_changes! } }
   end

data/lib/mno_enterprise/testing_support/factories/identity.rb

@@ -0,0 +1,9 @@
+FactoryGirl.define do
+  factory :identity, class: MnoEnterprise::Identity do
+    provider 'someprovider'
+    uid '123456'
+
+    # Properly build the resource with Her
+    initialize_with { new(attributes).tap { |e| e.clear_attribute_changes! } }
+  end
+end