RubyGems - ncs_navigator_authority - Versions diffs - 0.0.2 - Mend

ncs_navigator_authority 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

data/.gitignore ADDED Viewed

@@ -0,0 +1,5 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+target/*

data/.rvmrc ADDED Viewed

@@ -0,0 +1,3 @@
+rvm ree-1.8.7-2011.03
+rvm_gemset_create_on_use_flag=1
+rvm gemset use ncs_navigator_authority

data/Gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+# Specify your gem's dependencies in ncs_navigator_authority.gemspec
+gemspec

data/Rakefile ADDED Viewed

@@ -0,0 +1,8 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+require 'ci/reporter/rake/rspec'
+RSpec::Core::RakeTask.new do |t|
+  t.pattern = "spec/**/*_spec.rb"
+end

data/build.yaml ADDED Viewed

@@ -0,0 +1,4 @@
+gems:
+- buildr =1.4.6
+- buildr-gemjar =1.1.0
+jruby: 1.6.5

data/buildfile ADDED Viewed

@@ -0,0 +1,7 @@
+require 'buildr/bnd'
+require 'buildr-gemjar'
+define 'ncs_navigator_authority_gems' do
+  project.version = '0.0.1.DEV'
+  package(:gemjar).with_gem(:file => _('ncs_navigator_authority-0.0.1.gem'))
+end

data/lib/ncs_navigator/.DS_Store ADDED Viewed

Binary file

data/lib/ncs_navigator/authorization.rb ADDED Viewed

@@ -0,0 +1,7 @@
+module NcsNavigator
+  module Authorization
+    autoload :Core, 'ncs_navigator/authorization/core'
+    autoload :StaffPortal, 'ncs_navigator/authorization/staff_portal'
+    autoload :Psc, 'ncs_navigator/authorization/psc'
+  end
+end

data/lib/ncs_navigator/authorization/core.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module NcsNavigator::Authorization::Core
+  autoload :Authority, 'ncs_navigator/authorization/core/authority'
+end

data/lib/ncs_navigator/authorization/core/authority.rb ADDED Viewed

@@ -0,0 +1,84 @@
+require 'ncs_navigator/configuration'
+module NcsNavigator::Authorization::Core
+  class Authority
+    def initialize(ignored_config=nil)
+      @groups = {}
+      @portal = :NCSNavigator
+    end
+    def amplify!(user)
+      base = user(user)
+      return user unless base
+      user.merge!(base)
+    end
+    def user(user)
+      staff = get_staff(user)
+      if staff
+        u = Aker::User.new(user.username)
+        u.portals << @portal
+        attributes = ["first_name", "last_name", "email"]
+        attributes.each do |a|
+          setter = "#{a}="
+          if u.respond_to?(setter)
+            u.send(setter, staff[a])
+          end
+        end
+        u.identifiers[:staff_id] = staff["staff_id"]
+        groups = staff['roles'].collect do |role|
+          role['name']
+        end
+        if groups
+          u.group_memberships(@portal).concat(load_group_memberships(@portal, groups))
+        end
+        u
+      else
+        nil
+      end
+    end
+    private
+    def staff_portal_uri
+      NcsNavigator.configuration.staff_portal_uri
+    end
+    def get_connection(user)
+      connection = staff_portal_client(user).connection
+    end
+    def staff_portal_client(user)
+      NcsNavigator::Authorization::StaffPortal::Client.new(staff_portal_uri, :authenticator => create_authenticator(user))
+    end
+    def create_authenticator(user)
+        { :token => lambda { user.cas_proxy_ticket(staff_portal_uri) } }
+    end
+    def load_group_memberships(portal, group_data)
+      group_data.collect do |group|
+        Aker::GroupMembership.new(find_or_create_group(portal, group))
+      end
+    end
+    def find_or_create_group(portal, group_name)
+      existing = (@groups[portal] ||= []).collect { |top|
+        top.find { |g| g.name == group_name }
+      }.compact.first
+      return existing if existing
+      @groups[portal] << Aker::Group.new(group_name)
+      @groups[portal].last
+    end
+    def get_staff(user)
+      connection = get_connection(user)
+      response = connection.get '/staff/' << user.username << '.json'
+      if response.status == 200
+        response.body
+      else
+        nil
+      end
+    end
+  end
+end

data/lib/ncs_navigator/authorization/psc.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module NcsNavigator::Authorization::Psc
+  autoload :Authority, 'ncs_navigator/authorization/psc/authority'
+end

data/lib/ncs_navigator/authorization/psc/authority.rb ADDED Viewed

@@ -0,0 +1,193 @@
+require 'ncs_navigator/configuration'
+module NcsNavigator::Authorization::Psc
+  class Authority
+    def initialize(ignored_config=nil)
+      @staff_portal_connection ||= staff_portal_client.connection
+    end
+    def get_user_by_username(username, role_detail_level)
+      user(username)
+    end
+    def get_user_by_id(id, role_detail_level)
+      user(id)
+    end
+    def get_users_by_role(role_name)
+      users_hash(get_users_collection_by_role(role_name))
+    end
+    def search_users(criteria)
+      users_hash(get_users_by_search_criteria(criteria))
+    end
+    def user(staff)
+      user_hash(get_user_by_username_or_id(staff))
+    end
+    private
+      def users_hash(users)
+        users_hash = []
+        users.each do |u|
+          users_hash << user_hash(u)
+        end
+        users_hash
+      end
+      def user_hash(staff)
+        return nil unless staff
+        {
+          :username => staff["username"],
+          :id =>  staff["numeric_id"],
+          :email_address => staff["email"],
+          :first_name => staff["first_name"],
+          :last_name => staff["last_name"],
+          :roles => roles_hash(staff["roles"].collect {|role| role['name']})
+        }
+      end
+      def roles_hash(roles)
+        roles_hash = {}
+        roles.each do |role|
+          roles_hash.merge!(generate_roles_hash(role))
+        end
+        roles_hash
+      end
+      def generate_roles_hash(sp_role)
+        roles = {}
+        role_mappings = RoleMapping.staff_portal_to_psc(sp_role)
+        role_mappings.each do |role|
+          roles[role] = true
+        end
+        roles
+      end
+      def staff_portal_client
+        NcsNavigator::Authorization::StaffPortal::Client.new(NcsNavigator.configuration.staff_portal_uri, :authenticator => create_authenticator)
+      end
+      def create_authenticator
+        { :basic => ["psc_application", NcsNavigator.configuration.staff_portal['psc_user_password']] }
+      end
+      def get_staff(url)
+        response = @staff_portal_connection.get url
+        if response.status == 200
+          response.body
+        else
+          nil
+        end
+      end
+      def get_user_by_username_or_id(staff)
+        url = '/staff/' << staff.to_s << '.json'
+        get_staff(url)
+      end
+      def get_users_collection_by_role(psc_role)
+        roles = RoleMapping.psc_to_staff_portal(psc_role)
+        return roles if roles.empty?
+        query = 'role[]='
+        roles.each_with_index do |r, i|
+          query << r
+          unless r == roles.last
+            query << '&role[]='
+          end
+        end
+        url = '/users.json?' << query
+        get_staff(url)
+      end
+      def get_users_by_search_criteria(criteria)
+        url = '/users.json'
+        unless criteria.empty?
+          url << "?" << construct_query(criteria)
+        end
+        get_staff(url)
+      end
+      def construct_query(criteria)
+        operator = "&"
+        if criteria.has_key?(:first_name_substring)
+          query = get_search_query("first_name", criteria[:first_name_substring])
+          if criteria.has_key?(:last_name_substring)
+            query << operator
+            query << get_search_query("last_name", criteria[:last_name_substring])
+          end
+          if criteria.has_key?(:username_substring)
+            query << operator
+            query << get_search_query("username", criteria[:username_substring])
+          end
+        elsif criteria.has_key?(:last_name_substring)
+          query = get_search_query("last_name", criteria[:last_name_substring])
+          if criteria.has_key?(:username_substring)
+            query << operator
+            query << get_search_query("username", criteria[:username_substring])
+          end
+        elsif criteria.has_key?(:username_substring)
+          query = get_search_query("username", criteria[:username_substring])
+        end
+        query << "&operator=OR" if criteria.size > 1
+        query
+      end
+      def get_search_query(key, value)
+        query = "#{key}=" << value
+      end
+  end
+  class RoleMapping
+    def self.psc_to_staff_portal(psc_role)
+      roles = [];
+      case psc_role
+      when :study_calendar_template_builder, :study_creator, :study_qa_manager, :study_site_participation_administrator, :system_administrator,
+        :data_importer, :business_administrator, :person_and_organization_information_manager
+        roles << "System Administrator"
+      when :user_administrator
+        roles << "User Administrator"
+      when :study_team_administrator
+        roles << "Staff Supervisor"
+      when :data_reader
+        roles << "Data Reader"
+      when :subject_manager
+        roles << "Field Staff"
+        roles << "Phone Staff"
+      when :study_subject_calendar_manager
+        roles << "Field Staff"
+        roles << "Phone Staff"
+        roles << "Biological Specimen Collector"
+      end
+      roles
+    end
+    def self.staff_portal_to_psc(sp_role)
+      roles = [];
+      case sp_role
+      when "System Administrator"
+        roles << :study_creator
+        roles << :study_calendar_template_builder
+        roles << :study_qa_manager
+        roles << :study_site_participation_administrator
+        roles << :system_administrator
+        roles << :data_importer
+        roles << :business_administrator
+        roles << :person_and_organization_information_manager
+      when "User Administrator"
+        roles << :user_administrator
+      when "Staff Supervisor"
+        roles << :study_team_administrator
+      when "Field Staff", "Phone Staff"
+         roles << :subject_manager
+         roles << :study_subject_calendar_manager
+      when "Biological Specimen Collector"
+        roles << :study_subject_calendar_manager
+      when "Data Reader"
+         roles << :data_reader
+      end
+      roles
+    end
+  end
+end

data/lib/ncs_navigator/authorization/staff_portal.rb ADDED Viewed

@@ -0,0 +1,6 @@
+module NcsNavigator::Authorization::StaffPortal
+  autoload :AkerToken, 'ncs_navigator/authorization/staff_portal/aker_token'
+  autoload :HttpBasic, 'ncs_navigator/authorization/staff_portal/http_basic'
+  autoload :Client, 'ncs_navigator/authorization/staff_portal/client'
+  autoload :Connection, 'ncs_navigator/authorization/staff_portal/connection'
+end

data/lib/ncs_navigator/authorization/staff_portal/aker_token.rb ADDED Viewed

@@ -0,0 +1,26 @@
+require 'faraday'
+module NcsNavigator::Authorization::StaffPortal
+  class AkerToken < ::Faraday::Middleware
+    def initialize(app, token_or_creator)
+        @app = app
+        if token_or_creator.respond_to?(:call)
+            @token_creator = token_or_creator
+        else
+          @token_creator = lambda { token_or_creator }
+        end
+      end
+    def call(env)
+      env[:request_headers]['Authorization'] = "CasProxy #{token}"
+      @app.call(env)
+    end
+    private
+    def token
+      @token_creator.call
+    end
+  end
+end

data/lib/ncs_navigator/authorization/staff_portal/client.rb ADDED Viewed

@@ -0,0 +1,8 @@
+module NcsNavigator::Authorization::StaffPortal
+  class Client
+      attr_reader :connection
+      def initialize(url, options, &block)
+        @connection = NcsNavigator::Authorization::StaffPortal::Connection.new(url, options, &block)
+      end
+    end
+end

data/lib/ncs_navigator/authorization/staff_portal/connection.rb ADDED Viewed

@@ -0,0 +1,33 @@
+require 'faraday'
+require 'faraday_stack'
+module NcsNavigator::Authorization::StaffPortal
+  class Connection < ::Faraday::Connection
+      def initialize(url, options)
+        super do |builder|
+          builder.use *authentication_middleware(options[:authenticator])
+          builder.request :json
+          builder.use FaradayStack::ResponseJSON, :content_type => 'application/json'
+          builder.adapter :net_http
+        end
+      end
+      private
+      def authentication_middleware(authenticator)
+        unless authenticator
+          raise 'No authentication method specified. Please include the :authenticator option.'
+        end
+        kind = authenticator.keys.first
+        case kind
+        when :basic
+          [NcsNavigator::Authorization::StaffPortal::HttpBasic, *authenticator[kind]]
+        when :token
+          [NcsNavigator::Authorization::StaffPortal::AkerToken, authenticator[kind]]
+        else
+          raise "Unsupported authentication method #{kind.inspect}."
+        end
+      end
+    end
+end

data/lib/ncs_navigator/authorization/staff_portal/http_basic.rb ADDED Viewed

@@ -0,0 +1,16 @@
+require 'base64'
+module NcsNavigator::Authorization::StaffPortal
+  class HttpBasic
+    def initialize(app, username, password)
+      @app = app
+      @header_value = "Basic #{Base64.encode64([username, password].join(':')).strip}"
+    end
+    def call(env)
+      env[:request_headers]['Authorization'] = @header_value
+      @app.call(env)
+    end
+  end
+end

data/lib/ncs_navigator/authorization/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module NcsNavigator
+  class Authorization
+    VERSION = '0.0.2'
+  end
+end