openproject-token 3.0.1 → 5.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f959bb6247948bcf6fd18e7f09c798e5b037d1a4d62bf6e1c92781e7e2e5e4e6
-  data.tar.gz: 9d42841010ef13874b4a3b489c1e96bb750c0650e00a94ed583008623279fbfe
+  metadata.gz: 9021fbc26db21370414a6f9485ed9ce847b5d5ca3a77393aaff2e2f86c50728d
+  data.tar.gz: 370ab48e53014a37c6cbb4bf418400864df94186bbbeba219500acedc725f70b
 SHA512:
-  metadata.gz: a9128f8b0bc9d6cb550dc89c1d085bed523f552f53c44800b3f51819e2b386fe77d2734178bf9c66de8bbd8506de0ee21b32fe7af3362f8bc6916a93eea7ffee
-  data.tar.gz: 3e3172042fac599e58fb80aaa569adfa697a30713eab643d5f4a085728a725d2e7e8b8561772a778266ee8bb5d3211bb6a46bce80d3987cec1fbc6bdc04d971d
+  metadata.gz: eb330f918313dbda534b4f159d50c79645b0de2d64060134017fb6d0b5741a997a2f166fd06791626ac13f06f95d2d24551f33de6dd5c011c5ba696d7711f08a
+  data.tar.gz: 58c9d1c2db792f3bf1280973803c68fc244ef63b4c3cdc45cb6c82b79d8b3b5b5e97909f0480ef8d1654fa3bef8f2711ba0b27e3dfeb2a35954651048664500c

data/lib/open_project/token/armor.rb

@@ -1,9 +1,11 @@
+# frozen_string_literal: true
+
 module OpenProject
   class Token
     module Armor
       class ParseError < StandardError; end
 
-      MARKER = 'OPENPROJECT-EE TOKEN'
+      MARKER = "OPENPROJECT-EE TOKEN"
 
       class << self
         def header
@@ -15,19 +17,17 @@ module OpenProject
         end
 
         def encode(data)
-          ''.tap do |s|
-            s << header << "\n"
-
-            s << data.strip << "\n"
-
-            s << footer
-          end
+          <<~DATA
+            #{header}
+            #{data.strip}
+            #{footer}
+          DATA
         end
 
         def decode(data)
           match = data.match /#{header}\r?\n(.+?)\r?\n#{footer}/m
           if match.nil?
-            raise ParseError, 'Failed to parse armored text.'
+            raise ParseError, "Failed to parse armored text."
           end
 
           match[1]

data/lib/open_project/token/extractor.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OpenProject
   class Token
     class Extractor
@@ -40,17 +42,17 @@ module OpenProject
         end
 
         # Decrypt the data using symmetric AES encryption.
-        cipher = OpenSSL::Cipher::AES128.new(:CBC)
+        cipher = OpenSSL::Cipher.new("aes-128-cbc")
         cipher.decrypt
 
         begin
-          cipher.key  = aes_key
+          cipher.key = aes_key
         rescue OpenSSL::Cipher::CipherError
           raise DecryptionError, "AES encryption key is invalid."
         end
 
         begin
-          cipher.iv   = aes_iv
+          cipher.iv = aes_iv
         rescue OpenSSL::Cipher::CipherError
           raise DecryptionError, "AES IV is invalid."
         end

data/lib/open_project/token/plans.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+module OpenProject
+  class Token
+    LEGACY_ENTERPRISE_PLAN_FEATURES = %i[
+      baseline_comparison
+      board_view
+      conditional_highlighting
+      custom_actions
+      custom_field_hierarchies
+      customize_life_cycle
+      date_alerts
+      define_custom_style
+      edit_attribute_groups
+      gantt_pdf_export
+      grid_widget_wp_graph
+      ldap_groups
+      one_drive_sharepoint_file_storage
+      placeholder_users
+      project_list_sharing
+      readonly_work_packages
+      sso_auth_providers
+      team_planner_view
+      two_factor_authentication
+      virus_scanning
+      work_package_query_relation_columns
+      work_package_sharing
+      work_package_subject_generation
+    ].freeze
+
+    FEATURES_PER_PLAN = {
+      legacy_enterprise: LEGACY_ENTERPRISE_PLAN_FEATURES
+    }.freeze
+
+    AVAILABLE_PLAN_NAMES = FEATURES_PER_PLAN.keys.sort.freeze
+
+    # default plan that is assigned to a token if no plan is given (especially legacy tokens)
+    DEFAULT_PLAN = :legacy_enterprise
+  end
+end

data/lib/open_project/token/version.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 module OpenProject
   class Token
-    VERSION = "3.0.1"
+    VERSION = "5.0.0"
   end
 end

data/lib/open_project/token.rb

@@ -1,13 +1,16 @@
+# frozen_string_literal: true
+
 require "openssl"
 require "date"
 require "json"
 require "base64"
 
-require 'active_model'
+require "active_model"
 
 require "open_project/token/version"
 require "open_project/token/extractor"
 require "open_project/token/armor"
+require "open_project/token/plans"
 
 module OpenProject
   class Token
@@ -48,23 +51,21 @@ module OpenProject
 
     include ActiveModel::Validations
 
-    attr_reader :version
-    attr_accessor :subscriber, :mail, :company, :domain
-    attr_accessor :starts_at, :issued_at, :expires_at
-    attr_accessor :reprieve_days
-    attr_accessor :notify_admins_at, :notify_users_at, :block_changes_at
-    attr_accessor :restrictions
+    attr_reader :version, :plan
+    attr_accessor :subscriber, :mail, :company, :domain, :starts_at, :issued_at, :expires_at, :reprieve_days, :notify_admins_at,
+                  :notify_users_at, :block_changes_at, :restrictions, :features
 
     validates_presence_of :subscriber
     validates_presence_of :mail
     validates_presence_of :company, allow_blank: true
     validates_presence_of :domain, if: :validate_domain?
+    validates_inclusion_of :plan, in:  -> { OpenProject::Token::AVAILABLE_PLAN_NAMES }, allow_blank: true
 
     validates_each(
       :starts_at, :issued_at, :expires_at, :notify_admins_at, :notify_users_at, :block_changes_at,
-      allow_blank: true) do |record, attr, value|
-
-      record.errors.add attr, 'is not a date' if !value.is_a?(Date)
+      allow_blank: true
+    ) do |record, attr, value|
+      record.errors.add attr, "is not a date" if !value.is_a?(Date)
     end
 
     validates_each :restrictions, allow_nil: true do |record, attr, value|
@@ -76,19 +77,36 @@ module OpenProject
     end
 
     def will_expire?
-      self.expires_at
+      expires_at
     end
 
     def will_notify_admins?
-      self.notify_admins_at
+      notify_admins_at
     end
 
     def will_notify_users?
-      self.notify_users_at
+      notify_users_at
     end
 
     def will_block_changes?
-      self.block_changes_at
+      block_changes_at
+    end
+
+    def has_feature?(name)
+      available_features.include?(name.to_sym)
+    end
+
+    def plan=(value)
+      value.presence&.to_sym
+    end
+
+    def available_features
+      return @available_features if defined?(@available_features)
+
+      relevant_features = OpenProject::Token::FEATURES_PER_PLAN[plan] || []
+      additional_features = features || []
+
+      @available_features = (relevant_features + additional_features).uniq
     end
 
     ##
@@ -103,7 +121,7 @@ module OpenProject
     def expired?(reprieve: true)
       offset = reprieve ? reprieve_days.to_i : 0
 
-      will_expire? && Date.today >= self.expires_at.next_day(offset)
+      will_expire? && Date.today >= expires_at.next_day(offset)
     end
 
     ##
@@ -113,19 +131,19 @@ module OpenProject
     def reprieve_days_left
       return nil unless reprieve_days.to_i > 0 && expired?(reprieve: false)
 
-      (self.expires_at.next_day(reprieve_days.to_i) - Date.today).to_i
+      (expires_at.next_day(reprieve_days.to_i) - Date.today).to_i
     end
 
     def notify_admins?
-      will_notify_admins? && Date.today >= self.notify_admins_at
+      will_notify_admins? && Date.today >= notify_admins_at
     end
 
     def notify_users?
-      will_notify_users? && Date.today >= self.notify_users_at
+      will_notify_users? && Date.today >= notify_users_at
     end
 
     def block_changes?
-      will_block_changes? && Date.today >= self.block_changes_at
+      will_block_changes? && Date.today >= block_changes_at
     end
 
     # tokens with no version or a version lower than 2.0 don't have the attributes company or domain
@@ -152,33 +170,35 @@ module OpenProject
     def attributes
       hash = {}
 
-      hash["version"]          = self.version
-      hash["subscriber"]       = self.subscriber
-      hash["mail"]             = self.mail
-      hash["company"]          = self.company
-      hash["domain"]           = self.domain
+      hash["version"]          = version
+      hash["subscriber"]       = subscriber
+      hash["mail"]             = mail
+      hash["company"]          = company
+      hash["domain"]           = domain
+      hash["plan"]             = plan
 
-      hash["issued_at"]        = self.issued_at
-      hash["starts_at"]        = self.starts_at
-      hash["expires_at"]       = self.expires_at       if self.will_expire?
-      hash["reprieve_days"]    = self.reprieve_days    if self.will_expire?
+      hash["issued_at"]        = issued_at
+      hash["starts_at"]        = starts_at
+      hash["expires_at"]       = expires_at       if will_expire?
+      hash["reprieve_days"]    = reprieve_days    if will_expire?
 
-      hash["notify_admins_at"] = self.notify_admins_at if self.will_notify_admins?
-      hash["notify_users_at"]  = self.notify_users_at  if self.will_notify_users?
-      hash["block_changes_at"] = self.block_changes_at if self.will_block_changes?
+      hash["notify_admins_at"] = notify_admins_at if will_notify_admins?
+      hash["notify_users_at"]  = notify_users_at  if will_notify_users?
+      hash["block_changes_at"] = block_changes_at if will_block_changes?
 
-      hash["restrictions"]     = self.restrictions     if self.restricted?
+      hash["restrictions"]     = restrictions     if restricted?
+      hash["features"]         = features
 
       hash
     end
 
-    def to_json
-      JSON.dump(self.attributes)
+    def to_json(*_args)
+      JSON.dump(attributes)
     end
 
     def from_json(json)
       load_attributes(JSON.parse(json))
-    rescue => e
+    rescue StandardError => e
       raise ParseError, "Failed to load from json: #{e}"
     end
 
@@ -188,11 +208,10 @@ module OpenProject
       @parsed_domain
     end
 
-
     private
 
     def load_attributes(attributes)
-      attributes = Hash[attributes.map { |k, v| [k.to_s, v] }]
+      attributes = attributes.transform_keys(&:to_s)
 
       @version = read_version attributes
       @subscriber = attributes["subscriber"]
@@ -202,7 +221,13 @@ module OpenProject
 
       date_attribute_keys.each do |attr|
         value = attributes[attr]
-        value = Date.parse(value) rescue nil if value.is_a?(String)
+        if value.is_a?(String)
+          value = begin
+            Date.parse(value)
+          rescue StandardError
+            nil
+          end
+        end
 
         next unless value
 
@@ -212,19 +237,26 @@ module OpenProject
       reprieve_days = attributes["reprieve_days"]
 
       if will_expire?
-        if reprieve_days.nil? && apply_default_reprieve?(version)
-          @reprieve_days = 7
-        else
-          @reprieve_days = reprieve_days.to_i
-        end
+        @reprieve_days = if reprieve_days.nil? && apply_default_reprieve?(version)
+                           7
+                         else
+                           reprieve_days.to_i
+                         end
       end
 
       restrictions = attributes["restrictions"]
 
-      if restrictions && restrictions.is_a?(Hash)
-        restrictions = Hash[restrictions.map { |k, v| [k.to_sym, v] }]
+      if restrictions.is_a?(Hash)
+        restrictions = restrictions.transform_keys(&:to_sym)
         @restrictions = restrictions
       end
+
+      features = attributes["features"]
+      if features.is_a?(Array)
+        @features = features.map(&:to_sym)
+      end
+
+      @plan = attributes["plan"].presence&.to_sym || OpenProject::Token::DEFAULT_PLAN
     end
 
     ##
@@ -261,7 +293,7 @@ module OpenProject
     end
 
     def read_domain!(input)
-      return input if input.nil? || !(input.start_with?('/') && input.end_with?('/'))
+      return input if input.nil? || !(input.start_with?("/") && input.end_with?("/"))
 
       # Omit the slashes of the input
       Regexp.new input[1..-2]
@@ -276,10 +308,9 @@ module OpenProject
     end
 
     def domain_required_from_version
-      @domain_required_from_version ||= Gem::Version.new('2.0')
+      @domain_required_from_version ||= Gem::Version.new("2.0")
     end
 
-
     ##
     # Reprieve was introduced in version 2.2.0 so could only be set
     # during generation from then onwards. All tokens before that

data/lib/openproject-token.rb

@@ -1 +1,3 @@
-require 'open_project/token'
+# frozen_string_literal: true
+
+require "open_project/token"

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: openproject-token
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 5.0.0
 platform: ruby
 authors:
 - OpenProject GmbH
-autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-04-17 00:00:00.000000000 Z
+date: 2025-02-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -24,35 +23,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.10'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.10'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-description: 
 email: info@openproject.com
 executables: []
 extensions: []
@@ -63,13 +33,14 @@ files:
 - lib/open_project/token.rb
 - lib/open_project/token/armor.rb
 - lib/open_project/token/extractor.rb
+- lib/open_project/token/plans.rb
 - lib/open_project/token/version.rb
 - lib/openproject-token.rb
 homepage: https://www.openproject.org
 licenses:
 - GPL-3.0
-metadata: {}
-post_install_message: 
+metadata:
+  rubygems_mfa_required: 'true'
 rdoc_options: []
 require_paths:
 - lib
@@ -77,15 +48,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 3.4.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
-signing_key: 
+rubygems_version: 3.6.5
 specification_version: 4
 summary: OpenProject EE token reader
 test_files: []