mno-enterprise-core 2.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b3986ecdbc3ba353f17f75ca72fde9e71fdde276
+  data.tar.gz: c338d9efa311e9ce8cb372e764572a3f1f14ba08
+SHA512:
+  metadata.gz: 2f8a203a4719b6e6f19e5f104b363dd50fb431c24b8e2dab49e86d2f5077d423e93b5060e33f224377f104a6c482668bc157800468797e670b537fab58caa2bb
+  data.tar.gz: aa56b90af90560b69a6af6f412b1cffdbd71f2765fb2705037bb43b2d2495f5a9fa0fa540dce18d9bf5a983a642f93ad05f5aaa67c4df60ec02bdfb17af764ac

data/LICENSE

@@ -0,0 +1 @@
+Copyright 2015 Maestrano Pty Ltd

data/Rakefile

@@ -0,0 +1,12 @@
+require 'rspec/core/rake_task'
+require 'mno_enterprise/testing_support/common_rake'
+
+RSpec::Core::RakeTask.new
+
+task default: :spec
+
+desc "Generates a dummy app for testing"
+task :test_app do
+  ENV['LIB_NAME'] = 'mno_enterprise/core'
+  Rake::Task['mno_enterprise:testing:create_dummy_app'].invoke
+end

data/app/controllers/mno_enterprise/application_controller.rb

@@ -0,0 +1,116 @@
+module MnoEnterprise
+  class ApplicationController < ActionController::Base
+    protect_from_forgery
+    include ApplicationHelper
+    prepend_before_filter :skip_devise_trackable_on_xhr
+
+    before_filter :set_default_meta
+    before_filter :store_location
+    before_filter :perform_return_to
+
+    # Angular CSRF
+    if MnoEnterprise.include_angular_csrf
+      include MnoEnterprise::Concerns::Controllers::AngularCSRF
+    end
+
+    #============================================
+    # CanCan Authorization Rescue
+    #============================================
+    # Rescue the CanCan permission denied error
+    rescue_from CanCan::AccessDenied do |_exception|
+      respond_to do |format|
+        format.html { redirect_to main_app.root_path, alert: 'Unauthorized Action' }
+        format.json { render nothing: true, status: :forbidden }
+      end
+    end
+
+    def current_ability
+      MnoEnterprise::Ability.new(current_user)
+    end
+
+    def set_default_meta
+      @meta = {}
+      @meta[:title] = "Application"
+      @meta[:description] = "Enterprise Applications"
+    end
+
+    #============================================
+    # Devise
+    #============================================
+    protected
+
+    # Do not updated devise last access timestamps on ajax call so that
+    # timeout feature works properly
+    # Only GET request get ignored - POST/PUT/DELETE requests reflect a
+    # user action and should therefore be taken into account
+    def skip_devise_trackable_on_xhr
+      if request.format == 'application/json' && request.get?
+        request.env["devise.skip_trackable"] = true
+      end
+    end
+
+    # Return the user to the 'return_to' url if one was specified
+    # previously. Only if user is signed in
+    def perform_return_to
+      return true unless current_user && (url = return_to_url(current_user))
+      redirect_to url
+    end
+
+    # Devise will always redirect to the last non devise route
+    # (alias not starting with /auth)
+    # ---
+    # WARNING: if one day you change the below please also check that
+    # the new behaviour fits with ConfirmationsController (yes...I know...it's not clean)
+    def store_location
+      capture_return_to_redirection || capture_previous_url
+    end
+
+    def capture_previous_url
+      if request.format == 'text/html' && request.fullpath =~ /\/(myspace|deletion_requests|org_invites|provision)/
+        session[:previous_url] = request.original_url
+      end
+    end
+
+    # Handle return_to parameter in URL if present
+    def capture_return_to_redirection
+      return false unless request.format == 'text/html' && params[:return_to].present?
+
+      # Capture return url
+      session[:return_to] = params[:return_to]
+    end
+
+    # Return the URL that the user should be immediately returned to
+    def return_to_url(resource)
+      return nil unless (url = session.delete(:return_to)).present?
+
+      # Add Web Token to URL
+      separator = (url =~ /\?/ ? '&' : '?')
+
+      url + "#{separator}wtk=#{MnoEnterprise.jwt({user_id: resource.uid})}"
+    end
+
+    # Redirect to previous url and reset it
+    def after_sign_in_path_for(resource)
+      previous_url = session.delete(:previous_url)
+      url = mno_enterprise.respond_to?(:myspace_url) ? mno_enterprise.myspace_url : main_app.root_url
+      return (return_to_url(resource) || previous_url || url)
+    end
+
+    # Some controllers needs to redirect to 'MySpace' which breaks if you dont use mnoe-frontend
+    # Rather than relying on the MainApp to define myspace_path we check it here
+    # The MainApp can redefine this two methods to fit its structure
+    # Some of these are extracted to individuals methods like after_provision_path.
+    def mnoe_home_path
+      mno_enterprise.respond_to?(:myspace_path) ? mno_enterprise.myspace_path : main_app.root_path
+    end
+
+    def mnoe_home_url
+      mno_enterprise.respond_to?(:myspace_url) ? mno_enterprise.myspace_url : main_app.root_url
+    end
+
+    # Overwriting the sign_out redirect path method
+    def after_sign_out_path_for(resource_or_scope)
+      MnoEnterprise.router.after_sign_out_url || super
+    end
+  end
+end

data/app/helpers/mno_enterprise/application_helper.rb

@@ -0,0 +1,67 @@
+module MnoEnterprise
+  module ApplicationHelper
+    
+    def support_email
+      MnoEnterprise.support_email
+    end
+    
+    # Re-implement Devise filter
+    # For some reasons the original Devise filter seems to ignore the
+    # mnoe prefix when using custom devise controllers
+    def authenticate_user!
+      redirect_to(new_user_session_path) unless current_user
+      true
+    end
+    
+    # Redirect a signed in user to the confirmation
+    # lounge if unconfirmed
+    def redirect_to_lounge_if_unconfirmed
+      if current_user && !current_user.confirmed?
+        redirect_to user_confirmation_lounge_path
+      end
+      return true
+    end
+    
+    # Redirect to signup page if user not authenticated
+    def authenticate_user_or_signup!
+      unless current_user
+        redirect_to new_user_registration_path
+        false
+      end
+    
+      true
+    end
+    
+    def notice_hash(notice)
+      return {} unless notice
+      # TODO: refactor
+      auto_close = (notice =~ /signed (in|out)/i ? 5*1000 : nil)
+      # Check if a timeout has been defined in flash
+      unless auto_close
+        auto_close = flash[:flash_options][:timeout] if flash[:flash_options] && flash[:flash_options][:timeout]
+      end
+
+      {
+        type:'success',
+        msg: (notice || '').html_safe,
+        timeout: auto_close
+      }
+    end
+
+    def alert_hash(alert)
+      return {} unless alert
+      {
+        type:'danger',
+        msg: (alert || '').html_safe,
+        timeout: -1
+      }
+    end
+
+    # This helper converts markdown content
+    # to html, using the HtmlProcessor (see /lib)
+    def markdown(text)
+      return text unless text.present?
+      HtmlProcessor.new(text, format: :markdown).html.html_safe
+    end
+  end
+end

data/app/helpers/mno_enterprise/impersonate_helper.rb

@@ -0,0 +1,27 @@
+module MnoEnterprise
+  module ImpersonateHelper
+
+    # current_user changes from a staff user to
+    # +new_user+; current user stored in +session[:impersonator_user_id]+
+    def impersonate(new_user)
+      session[:impersonator_user_id] = current_user.id
+      sign_out(current_user)
+      sign_in new_user
+    end
+
+    # revert the +current_user+ back to the staff user
+    # stored in +session[:impersonator_user_id]+
+    def revert_impersonate
+      return unless current_impersonator
+      sign_out(current_user)
+      sign_in(current_impersonator)
+      session[:impersonator_user_id] = nil
+    end
+
+    def current_impersonator
+      return unless session[:impersonator_user_id]
+      @admin_user ||= MnoEnterprise::User.find(session[:impersonator_user_id])
+    end
+
+  end
+end

data/app/models/mno_enterprise/ability.rb

@@ -0,0 +1,6 @@
+module MnoEnterprise
+  class Ability
+    include CanCan::Ability
+    include MnoEnterprise::Concerns::Models::Ability
+  end
+end

data/app/models/mno_enterprise/app.rb

@@ -0,0 +1,72 @@
+# == Schema Information
+#
+# Endpoint: /v1/apps
+#
+#  id                       :integer         not null, primary key
+#  nid                      :string         e.g.: 'wordpress'
+#  name                     :string(255)
+#  description              :text
+#  created_at               :datetime        not null
+#  updated_at               :datetime        not null
+#  logo                     :string(255)
+#  version                  :string(255)
+#  website                  :string(255)
+#  slug                     :string(255)
+#  categories               :text
+#  key_benefits             :text
+#  key_features             :text
+#  testimonials             :text
+#  worldwide_usage          :integer
+#  tiny_description         :text
+#  popup_description        :text
+#  stack                    :string(255)
+#  terms_url                :string(255)
+#  tags                     :text
+#
+
+module MnoEnterprise
+  class App < BaseResource
+    scope :active, -> { where(active: true) }
+    scope :cloud, -> { where(stack: 'cloud') }
+
+    attributes :id, :uid, :nid, :name, :description, :tiny_description, :created_at, :updated_at, :logo, :website, :slug,
+    :categories, :key_benefits, :key_features, :testimonials, :worldwide_usage, :tiny_description,
+    :popup_description, :stack, :terms_url, :pictures, :tags, :api_key, :metadata_url, :metadata, :details
+
+    # Return the list of available categories
+    def self.categories(list = nil)
+      app_list = list || self.all.to_a
+      app_list.select { |a| a.categories.present? }.map(&:categories).flatten.uniq { |e| e.downcase }.sort
+    end
+
+    def to_audit_event
+      {
+        app_id: id,
+        app_nid: nid,
+        app_name: name
+      }
+    end
+
+    # Sanitize the app description
+    # E.g.: replace any mention of Maestrano by the tenant name
+    def sanitized_description
+      @sanitized_description ||= (self.description || '').gsub(/maestrano/i,MnoEnterprise.app_name)
+    end
+
+    # Methods for appinfo flags
+    %w(coming_soon single_billing).each do |method|
+      define_method "#{method}?" do
+        appinfo.presence && appinfo[method]
+      end
+    end
+
+    def regenerate_api_key!
+      data = self.put(operation: 'regenerate_api_key')
+      self.api_key = data[:data][:api_key]
+    end
+
+    def refresh_metadata!(metadata_url)
+      self.put(operation: 'refresh_metadata', metadata_url: metadata_url)
+    end
+  end
+end

data/app/models/mno_enterprise/app_instance.rb

@@ -0,0 +1,36 @@
+# == Schema Information
+#
+# Endpoint: 
+#  - /v1/app_instances
+#  - /v1/organizations/:organization_id/app_instances
+#
+#  id                   :integer         not null, primary key
+#  uid                  :string(255)
+#  name                 :string(255)
+#  status               :string(255)
+#  app_id               :integer
+#  created_at           :datetime        not null
+#  updated_at           :datetime        not null
+#  started_at           :datetime
+#  stack                :string(255)
+#  owner_id             :integer
+#  owner_type           :string(255)
+#  terminated_at        :datetime
+#  stopped_at           :datetime
+#  billing_type         :string(255)
+#  autostop_at          :datetime
+#  autostop_interval    :integer
+#  next_status          :string(255)
+#  soa_enabled          :boolean         default(FALSE)
+#
+# ===> to be confirmed
+#  http_url
+#  durations                :text
+#  microsoft_licence_id :integer
+#
+
+module MnoEnterprise
+  class AppInstance < BaseResource
+    include MnoEnterprise::Concerns::Models::AppInstance
+  end
+end

data/app/models/mno_enterprise/app_instances_sync.rb

@@ -0,0 +1,6 @@
+module MnoEnterprise
+  class AppInstancesSync < BaseResource
+    attributes :connectors, :mode
+    belongs_to :organization, class_name: 'MnoEnterprise::Organization'
+  end
+end

data/app/models/mno_enterprise/arrears_situation.rb

@@ -0,0 +1,6 @@
+module MnoEnterprise
+  class ArrearsSituation < BaseResource
+    belongs_to :organization, class_name: 'MnoEnterprise::Organization'
+    attributes :payment
+  end
+end

data/app/models/mno_enterprise/audit_event.rb

@@ -0,0 +1,21 @@
+module MnoEnterprise
+  class AuditEvent < BaseResource
+    def formatted_details
+      case details
+        when String
+          details
+        when Hash
+          format_serialized_details
+        else
+          nil
+      end
+    end
+
+    def format_serialized_details
+      AUDIT_LOG_CONFIG.fetch('events', {}).fetch(key, '') % details.symbolize_keys
+    rescue KeyError => e
+      e.message
+      # details.inspect
+    end
+  end
+end

data/app/models/mno_enterprise/base_resource.rb

@@ -0,0 +1,228 @@
+# TODO: spec the ActiveRecord behaviour
+# - processing of remote errors
+# - response parsing (using data: [] format)
+# - save methods
+module MnoEnterprise
+  class BaseResource
+    include Her::Model
+    include HerExtension::Validations::RemoteUniquenessValidation
+
+    include_root_in_json :data
+    use_api MnoEnterprise.mnoe_api_v1
+
+    # TODO: spec that changed_attributes is empty
+    # after a KLASS.all / KLASS.where etc..
+    after_find { |res| res.instance_variable_set(:@changed_attributes, {}) }
+
+    # Attributes common to all classes
+    attributes :id, :created_at, :updated_at
+
+    # Class query methods
+    class << self
+      # Delegate the following methods to `scoped`
+      # Clear relation params for each class level query
+      [:all, :where, :create, :find, :first_or_create, :first_or_initialize, :limit, :skip, :order_by, :sort_by, :order, :sort].each do |method|
+        class_eval <<-RUBY, __FILE__, __LINE__ + 1
+          def #{method}(*params)
+            Her::Model::Relation.new(self).send(#{method.to_sym.inspect}, *params)
+          end
+        RUBY
+      end
+
+      # ActiveRecord Compatibility for Her
+      def first(n = 1)
+        return [] unless n > 0
+        q = self.order_by('id.asc').limit(n)
+        n == 1 ? q.to_a.first : q.to_a
+      end
+
+      # ActiveRecord Compatibility for Her
+      def last(n = 1)
+        return [] unless n > 0
+        q = self.order_by('id.desc').limit(n)
+        n == 1 ? q.to_a.first : q.to_a
+      end
+
+      # Find first record using a hash of attributes
+      def find_by(hash)
+        self.where(hash).limit(1).first
+      end
+
+      # ActiveRecord Compatibility for Her
+      # Returns the class descending directly from MnoEnterprise::BaseResource, or
+      # an abstract class, if any, in the inheritance hierarchy.
+      #
+      # If A extends MnoEnterprise::BaseResource, A.base_class will return A. If B descends from A
+      # through some arbitrarily deep hierarchy, B.base_class will return A.
+      #
+      # If B < A and C < B and if A is an abstract_class then both B.base_class
+      # and C.base_class would return B as the answer since A is an abstract_class.
+      def base_class
+        unless self < BaseResource
+          raise Error, "#{name} doesn't belong in a hierarchy descending from BaseResource"
+        end
+
+        if superclass == BaseResource || superclass.abstract_class?
+          self
+        else
+          superclass.base_class
+        end
+      end
+    end
+
+    #======================================================================
+    # Instance methods
+    #======================================================================
+    # Returns a cache key that can be used to identify this record.
+    #
+    #   Product.new.cache_key     # => "products/new"
+    #   Product.find(5).cache_key # => "products/5" (updated_at not available)
+    #   Person.find(5).cache_key  # => "people/5-20071224150000" (updated_at available)
+    #
+    # You can also pass a list of named timestamps, and the newest in the list will be
+    # used to generate the key:
+    #
+    #   Person.find(5).cache_key(:updated_at, :last_reviewed_at)
+    #
+    # Notes: copied from ActiveRecord
+    def cache_key(*timestamp_names)
+      case
+        when new?
+          "#{model_name.cache_key}/new"
+        when timestamp_names.any?
+          timestamp = max_updated_column_timestamp(timestamp_names)
+          timestamp = timestamp.utc.to_s(:nsec)
+          "#{model_name.cache_key}/#{id}-#{timestamp}"
+        when timestamp = max_updated_column_timestamp
+          timestamp = timestamp.utc.to_s(:nsec)
+          "#{model_name.cache_key}/#{id}-#{timestamp}"
+        else
+          "#{model_name.cache_key}/#{id}"
+      end
+    end
+
+    def max_updated_column_timestamp(timestamp_names = [:updated_at])
+      timestamp_names
+          .map { |attr| self[attr] }
+          .compact
+          .map(&:to_time)
+          .max
+    end
+
+    def clear_association_cache
+      self.class.associations[:has_many].each do |assoc|
+        instance_variable_set(:"@_her_association_#{assoc[:name]}", nil)
+      end
+    end
+
+    # ActiveRecord Compatibility for Her
+    def read_attribute(attr_name)
+      get_attribute(attr_name)
+    end
+
+    # ActiveRecord Compatibility for Her
+    def write_attribute(attr_name, value)
+      assign_attributes(attr_name => value)
+    end
+    alias []= write_attribute
+
+    # ActiveRecord Compatibility for Her
+    def save(options={})
+      if perform_validations(options)
+        ret = super()
+        process_response_errors
+        ret
+      else
+        false
+      end
+    end
+
+    # ActiveRecord Compatibility for Her
+    def save!(options={})
+      if perform_validations(options)
+        ret = super()
+        process_response_errors
+        raise_record_invalid
+      else
+        false
+      end
+    end
+
+    # ActiveRecord Compatibility for Her
+    def reload(options = nil)
+      @attributes.update(self.class.find(self.id).attributes)
+      self.run_callbacks :find
+      self
+    end
+
+    # ActiveRecord Compatibility for Her
+    def update(attributes)
+      assign_attributes(attributes)
+      save
+    end
+
+    # Reset the ActiveModel hash containing all attribute changes
+    # Useful when initializing a existing resource using a hash fetched
+    # via http call (e.g.: MnoEnterprise::User.authenticate)
+    def clear_attribute_changes!
+      self.instance_variable_set(:@changed_attributes, {})
+    end
+
+    # Returns true if +comparison_object+ is the same exact object, or +comparison_object+
+    # is of the same type and +self+ has an ID and it is equal to +comparison_object.id+.
+    #
+    # Note that new records are different from any other record by definition, unless the
+    # other record is the receiver itself. Besides, if you fetch existing records with
+    # +select+ and leave the ID out, you're on your own, this predicate will return false.
+    #
+    # Note also that destroying a record preserves its ID in the model instance, so deleted
+    # models are still comparable.
+    def ==(comparison_object)
+      super ||
+        comparison_object.instance_of?(self.class) &&
+        !id.nil? &&
+        comparison_object.id == id
+    end
+    alias :eql? :==
+
+    protected
+      # Process errors from the servers and add them to the
+      # model
+      # Servers are returned using the jsonapi format
+      # E.g.:
+      # errors: [
+      #   {
+      #     :id=>"f720ca10-b104-0132-dbc0-600308937d74",
+      #     :href=>"http://maestrano.github.io/enterprise/#users-users-list-post",
+      #     :status=>"400",
+      #     :code=>"name-can-t-be-blank",
+      #     :title=>"Name can't be blank",
+      #     :detail=>"Name can't be blank"
+      #     :attribute => "name"
+      #     :value => "can't be blank"
+      #   }
+      # ]
+      def process_response_errors
+        if self.response_errors && self.response_errors.any?
+          self.response_errors.each do |error|
+            key = error[:attribute] && !error[:attribute].empty? ? error[:attribute] : :base
+            val = error[:value] && !error[:value].empty? ? error[:value] : error[:title]
+            self.errors[key.to_sym] << val
+          end
+        end
+      end
+
+      # ActiveRecord Compatibility for Her
+      def raise_record_invalid
+        raise(Her::Errors::ResourceInvalid.new(self))
+      end
+
+      # ActiveRecord Compatibility for Her
+      def perform_validations(options={}) # :nodoc:
+        # errors.blank? to avoid the unexpected case when errors is nil...
+        # -> THIS IS A TEMPORARY UGLY FIX
+        options[:validate] == false || self.errors.nil? || valid?(options[:context])
+      end
+
+  end
+end