RubyGems - ncs_navigator_authority - Versions diffs - 0.0.2 - Mend

ncs_navigator_authority 0.0.2

Files changed (46) hide show

data/.gitignore ADDED Viewed

@@ -0,0 +1,5 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+target/*

data/.rvmrc ADDED Viewed

@@ -0,0 +1,3 @@
+rvm ree-1.8.7-2011.03
+rvm_gemset_create_on_use_flag=1
+rvm gemset use ncs_navigator_authority

data/Gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+# Specify your gem's dependencies in ncs_navigator_authority.gemspec
+gemspec

data/Rakefile ADDED Viewed

@@ -0,0 +1,8 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+require 'ci/reporter/rake/rspec'
+RSpec::Core::RakeTask.new do |t|
+  t.pattern = "spec/**/*_spec.rb"
+end

data/build.yaml ADDED Viewed

@@ -0,0 +1,4 @@
+gems:
+- buildr =1.4.6
+- buildr-gemjar =1.1.0
+jruby: 1.6.5

data/buildfile ADDED Viewed

@@ -0,0 +1,7 @@
+require 'buildr/bnd'
+require 'buildr-gemjar'
+define 'ncs_navigator_authority_gems' do
+  project.version = '0.0.1.DEV'
+  package(:gemjar).with_gem(:file => _('ncs_navigator_authority-0.0.1.gem'))
+end

data/lib/ncs_navigator/.DS_Store ADDED Viewed

Binary file

data/lib/ncs_navigator/authorization.rb ADDED Viewed

@@ -0,0 +1,7 @@
+module NcsNavigator
+  module Authorization
+    autoload :Core, 'ncs_navigator/authorization/core'
+    autoload :StaffPortal, 'ncs_navigator/authorization/staff_portal'
+    autoload :Psc, 'ncs_navigator/authorization/psc'
+  end
+end

data/lib/ncs_navigator/authorization/core.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module NcsNavigator::Authorization::Core
+  autoload :Authority, 'ncs_navigator/authorization/core/authority'
+end

data/lib/ncs_navigator/authorization/core/authority.rb ADDED Viewed

@@ -0,0 +1,84 @@
+require 'ncs_navigator/configuration'
+module NcsNavigator::Authorization::Core
+  class Authority
+    def initialize(ignored_config=nil)
+      @groups = {}
+      @portal = :NCSNavigator
+    end
+    def amplify!(user)
+      base = user(user)
+      return user unless base
+      user.merge!(base)
+    end
+    def user(user)
+      staff = get_staff(user)
+      if staff
+        u = Aker::User.new(user.username)
+        u.portals << @portal
+        attributes = ["first_name", "last_name", "email"]
+        attributes.each do |a|
+          setter = "#{a}="
+          if u.respond_to?(setter)
+            u.send(setter, staff[a])
+          end
+        end
+        u.identifiers[:staff_id] = staff["staff_id"]
+        groups = staff['roles'].collect do |role|
+          role['name']
+        end
+        if groups
+          u.group_memberships(@portal).concat(load_group_memberships(@portal, groups))
+        end
+        u
+      else
+        nil
+      end
+    end
+    private
+    def staff_portal_uri
+      NcsNavigator.configuration.staff_portal_uri
+    end
+    def get_connection(user)
+      connection = staff_portal_client(user).connection
+    end
+    def staff_portal_client(user)
+      NcsNavigator::Authorization::StaffPortal::Client.new(staff_portal_uri, :authenticator => create_authenticator(user))
+    end
+    def create_authenticator(user)
+        { :token => lambda { user.cas_proxy_ticket(staff_portal_uri) } }
+    end
+    def load_group_memberships(portal, group_data)
+      group_data.collect do |group|
+        Aker::GroupMembership.new(find_or_create_group(portal, group))
+      end
+    end
+    def find_or_create_group(portal, group_name)
+      existing = (@groups[portal] ||= []).collect { |top|
+        top.find { |g| g.name == group_name }
+      }.compact.first
+      return existing if existing
+      @groups[portal] << Aker::Group.new(group_name)
+      @groups[portal].last
+    end
+    def get_staff(user)
+      connection = get_connection(user)
+      response = connection.get '/staff/' << user.username << '.json'
+      if response.status == 200
+        response.body
+      else
+        nil
+      end
+    end
+  end
+end

data/lib/ncs_navigator/authorization/psc.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module NcsNavigator::Authorization::Psc
+  autoload :Authority, 'ncs_navigator/authorization/psc/authority'
+end

data/lib/ncs_navigator/authorization/psc/authority.rb ADDED Viewed

@@ -0,0 +1,193 @@
+require 'ncs_navigator/configuration'
+module NcsNavigator::Authorization::Psc
+  class Authority
+    def initialize(ignored_config=nil)
+      @staff_portal_connection ||= staff_portal_client.connection
+    end
+    def get_user_by_username(username, role_detail_level)
+      user(username)
+    end
+    def get_user_by_id(id, role_detail_level)
+      user(id)
+    end
+    def get_users_by_role(role_name)
+      users_hash(get_users_collection_by_role(role_name))
+    end
+    def search_users(criteria)
+      users_hash(get_users_by_search_criteria(criteria))
+    end
+    def user(staff)
+      user_hash(get_user_by_username_or_id(staff))
+    end
+    private
+      def users_hash(users)
+        users_hash = []
+        users.each do |u|
+          users_hash << user_hash(u)
+        end
+        users_hash
+      end
+      def user_hash(staff)
+        return nil unless staff
+        {
+          :username => staff["username"],
+          :id =>  staff["numeric_id"],
+          :email_address => staff["email"],
+          :first_name => staff["first_name"],
+          :last_name => staff["last_name"],
+          :roles => roles_hash(staff["roles"].collect {|role| role['name']})
+        }
+      end
+      def roles_hash(roles)
+        roles_hash = {}
+        roles.each do |role|
+          roles_hash.merge!(generate_roles_hash(role))
+        end
+        roles_hash
+      end
+      def generate_roles_hash(sp_role)
+        roles = {}
+        role_mappings = RoleMapping.staff_portal_to_psc(sp_role)
+        role_mappings.each do |role|
+          roles[role] = true
+        end
+        roles
+      end
+      def staff_portal_client
+        NcsNavigator::Authorization::StaffPortal::Client.new(NcsNavigator.configuration.staff_portal_uri, :authenticator => create_authenticator)
+      end
+      def create_authenticator
+        { :basic => ["psc_application", NcsNavigator.configuration.staff_portal['psc_user_password']] }
+      end
+      def get_staff(url)
+        response = @staff_portal_connection.get url
+        if response.status == 200
+          response.body
+        else
+          nil
+        end
+      end
+      def get_user_by_username_or_id(staff)
+        url = '/staff/' << staff.to_s << '.json'
+        get_staff(url)
+      end
+      def get_users_collection_by_role(psc_role)
+        roles = RoleMapping.psc_to_staff_portal(psc_role)
+        return roles if roles.empty?
+        query = 'role[]='
+        roles.each_with_index do |r, i|
+          query << r
+          unless r == roles.last
+            query << '&role[]='
+          end
+        end
+        url = '/users.json?' << query
+        get_staff(url)
+      end
+      def get_users_by_search_criteria(criteria)
+        url = '/users.json'
+        unless criteria.empty?
+          url << "?" << construct_query(criteria)
+        end
+        get_staff(url)
+      end
+      def construct_query(criteria)
+        operator = "&"
+        if criteria.has_key?(:first_name_substring)
+          query = get_search_query("first_name", criteria[:first_name_substring])
+          if criteria.has_key?(:last_name_substring)
+            query << operator
+            query << get_search_query("last_name", criteria[:last_name_substring])
+          end
+          if criteria.has_key?(:username_substring)
+            query << operator
+            query << get_search_query("username", criteria[:username_substring])
+          end
+        elsif criteria.has_key?(:last_name_substring)
+          query = get_search_query("last_name", criteria[:last_name_substring])
+          if criteria.has_key?(:username_substring)
+            query << operator
+            query << get_search_query("username", criteria[:username_substring])
+          end
+        elsif criteria.has_key?(:username_substring)
+          query = get_search_query("username", criteria[:username_substring])
+        end
+        query << "&operator=OR" if criteria.size > 1
+        query
+      end
+      def get_search_query(key, value)
+        query = "#{key}=" << value
+      end
+  end
+  class RoleMapping
+    def self.psc_to_staff_portal(psc_role)
+      roles = [];
+      case psc_role
+      when :study_calendar_template_builder, :study_creator, :study_qa_manager, :study_site_participation_administrator, :system_administrator,
+        :data_importer, :business_administrator, :person_and_organization_information_manager
+        roles << "System Administrator"
+      when :user_administrator
+        roles << "User Administrator"
+      when :study_team_administrator
+        roles << "Staff Supervisor"
+      when :data_reader
+        roles << "Data Reader"
+      when :subject_manager
+        roles << "Field Staff"
+        roles << "Phone Staff"
+      when :study_subject_calendar_manager
+        roles << "Field Staff"
+        roles << "Phone Staff"
+        roles << "Biological Specimen Collector"
+      end
+      roles
+    end
+    def self.staff_portal_to_psc(sp_role)
+      roles = [];
+      case sp_role
+      when "System Administrator"
+        roles << :study_creator
+        roles << :study_calendar_template_builder
+        roles << :study_qa_manager
+        roles << :study_site_participation_administrator
+        roles << :system_administrator
+        roles << :data_importer
+        roles << :business_administrator
+        roles << :person_and_organization_information_manager
+      when "User Administrator"
+        roles << :user_administrator
+      when "Staff Supervisor"
+        roles << :study_team_administrator
+      when "Field Staff", "Phone Staff"
+         roles << :subject_manager
+         roles << :study_subject_calendar_manager
+      when "Biological Specimen Collector"
+        roles << :study_subject_calendar_manager
+      when "Data Reader"
+         roles << :data_reader
+      end
+      roles
+    end
+  end
+end

data/lib/ncs_navigator/authorization/staff_portal.rb ADDED Viewed

@@ -0,0 +1,6 @@
+module NcsNavigator::Authorization::StaffPortal
+  autoload :AkerToken, 'ncs_navigator/authorization/staff_portal/aker_token'
+  autoload :HttpBasic, 'ncs_navigator/authorization/staff_portal/http_basic'
+  autoload :Client, 'ncs_navigator/authorization/staff_portal/client'
+  autoload :Connection, 'ncs_navigator/authorization/staff_portal/connection'
+end

data/lib/ncs_navigator/authorization/staff_portal/aker_token.rb ADDED Viewed

@@ -0,0 +1,26 @@
+require 'faraday'
+module NcsNavigator::Authorization::StaffPortal
+  class AkerToken < ::Faraday::Middleware
+    def initialize(app, token_or_creator)
+        @app = app
+        if token_or_creator.respond_to?(:call)
+            @token_creator = token_or_creator
+        else
+          @token_creator = lambda { token_or_creator }
+        end
+      end
+    def call(env)
+      env[:request_headers]['Authorization'] = "CasProxy #{token}"
+      @app.call(env)
+    end
+    private
+    def token
+      @token_creator.call
+    end
+  end
+end

data/lib/ncs_navigator/authorization/staff_portal/client.rb ADDED Viewed

@@ -0,0 +1,8 @@
+module NcsNavigator::Authorization::StaffPortal
+  class Client
+      attr_reader :connection
+      def initialize(url, options, &block)
+        @connection = NcsNavigator::Authorization::StaffPortal::Connection.new(url, options, &block)
+      end
+    end
+end

data/lib/ncs_navigator/authorization/staff_portal/connection.rb ADDED Viewed

@@ -0,0 +1,33 @@
+require 'faraday'
+require 'faraday_stack'
+module NcsNavigator::Authorization::StaffPortal
+  class Connection < ::Faraday::Connection
+      def initialize(url, options)
+        super do |builder|
+          builder.use *authentication_middleware(options[:authenticator])
+          builder.request :json
+          builder.use FaradayStack::ResponseJSON, :content_type => 'application/json'
+          builder.adapter :net_http
+        end
+      end
+      private
+      def authentication_middleware(authenticator)
+        unless authenticator
+          raise 'No authentication method specified. Please include the :authenticator option.'
+        end
+        kind = authenticator.keys.first
+        case kind
+        when :basic
+          [NcsNavigator::Authorization::StaffPortal::HttpBasic, *authenticator[kind]]
+        when :token
+          [NcsNavigator::Authorization::StaffPortal::AkerToken, authenticator[kind]]
+        else
+          raise "Unsupported authentication method #{kind.inspect}."
+        end
+      end
+    end
+end

data/lib/ncs_navigator/authorization/staff_portal/http_basic.rb ADDED Viewed

@@ -0,0 +1,16 @@
+require 'base64'
+module NcsNavigator::Authorization::StaffPortal
+  class HttpBasic
+    def initialize(app, username, password)
+      @app = app
+      @header_value = "Basic #{Base64.encode64([username, password].join(':')).strip}"
+    end
+    def call(env)
+      env[:request_headers]['Authorization'] = @header_value
+      @app.call(env)
+    end
+  end
+end

data/lib/ncs_navigator/authorization/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module NcsNavigator
+  class Authorization
+    VERSION = '0.0.2'
+  end
+end