openstax_accounts 0.3.0 → 1.0.0

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    Mjc2YjE2MDk2NTlkODU2NWVkNjJhYjAzZjY2MzRiZmMxOTRmZDNkZg==
+  data.tar.gz: !binary |-
+    NzZmMzllNDRiODQ1MWVhMmRjMWNmYWYxYzc4ODUzZjNiMjkyZWFlNA==
+SHA512:
+  metadata.gz: !binary |-
+    YzgxYzZkMjI5NDc5NTk3ZjQyOGFjMDVjYThiNDg4NDY2MTM1MWRlZTI4YTQ2
+    NDE2MzVkNDc4YzI1ODNkMDQ3ZWU0YjFkNmQxZmY5YWU2YTQzM2VmZjI4Zjk0
+    MWI1MzkyMzQ0NzA1MmQxMGZkYjFiZmRlOGI4NDczYzc5ZjVlMjc=
+  data.tar.gz: !binary |-
+    ODRkZDMzMDEwNGQwNTRhYjU5NzkwODU5YzljZGE4YzhiZWUwNDkzMzkwMWMx
+    ZmEwMmNlYTUzZDVjY2VhYzg5MWJiNzJkZjcwYjQ3MjVmZjE0ZTAwOGJjOWRl
+    MTE5ODIxN2NjYTY1MzFiZjI5NjNjMjE4ZTIwNTBlNzI5N2RlNDM=

data/README.md

@@ -1,6 +1,9 @@
 accounts-rails
 =============
 
+[![Gem Version](https://badge.fury.io/rb/openstax_accounts.svg)](http://badge.fury.io/rb/openstax_accounts)
+[![Build Status](https://travis-ci.org/openstax/accounts-rails.svg?branch=master)](https://travis-ci.org/openstax/accounts-rails)
+
 A rails engine for interfacing with OpenStax's accounts server.
 
 Usage
@@ -75,6 +78,23 @@ Make sure to install the engine's migrations:
 
     rake openstax_accounts:install:migrations
 
+Syncing with Accounts
+---------------------
+
+OpenStax::Accounts requires your app to periodically sync user information with the Accounts server. The easiest way to do this is to use the "whenever" gem.
+
+To create or append to the schedule.rb file, run the following command:
+
+```sh
+rails g openstax:accounts:schedule
+```
+
+Then, after installing the "whenever" gem, run the `whenever` command for instructions to set up your crontab:
+
+```sh
+whenever
+```
+
 Accounts API
 ------------
 

data/app/controllers/openstax/accounts/dev/base_controller.rb

@@ -0,0 +1,19 @@
+module OpenStax
+  module Accounts
+    module Dev
+      class BaseController < OpenStax::Accounts::ApplicationController
+
+        before_filter Proc.new{
+          raise SecurityTransgression if Rails.env.production?
+        }
+
+        skip_before_filter :authenticate_user!
+        skip_before_filter :require_registration!
+
+        fine_print_skip_signatures :general_terms_of_use, :privacy_policy \
+          if respond_to?(:fine_print_skip_signatures)
+
+      end
+    end
+  end
+end

data/app/controllers/openstax/accounts/dev/users_controller.rb

@@ -1,21 +1,22 @@
 module OpenStax
   module Accounts
     module Dev
-      class UsersController < OpenStax::Accounts::Dev::DevController
-        
-        def login; end
+      class UsersController < OpenStax::Accounts::Dev::BaseController
 
-        def search
-          handle_with(OpenStax::Accounts::Dev::UsersSearch,
-                      complete: lambda { render 'search' })
+        def index
+          handle_with(UsersIndex,
+                      complete: lambda { render 'index' })
         end
 
+        def login; end
+
         def become
-          sign_in(User.find(params[:user_id]))
-          redirect_to return_url(true)
+          @user = User.find(params[:id])
+          sign_in(@user)
+          redirect_to return_url
         end
 
       end
     end
   end
-end
+end

data/app/handlers/openstax/accounts/dev/users_index.rb

@@ -0,0 +1,39 @@
+module OpenStax
+  module Accounts
+    module Dev
+      class UsersIndex
+
+        lev_handler transaction: :no_transaction
+
+        paramify :search do
+          attribute :terms, type: String
+          attribute :type, type: String
+          attribute :page, type: Integer
+        end
+
+        uses_routine OpenStax::Accounts::Dev::SearchUsers,
+                     as: :search_users,
+                     translations: { outputs: {type: :verbatim} }
+
+        protected
+
+        def authorized?
+          !Rails.env.production?
+        end
+
+        def handle
+          case search_params.type
+          when 'Name'
+            query = "name:#{search_params.terms.gsub(/\s/,',')}"
+          when 'Username'
+            query = "username:#{search_params.terms.gsub(/\s/,',')}"
+          else
+            query = search_params.terms || ''
+          end
+          run(:search_users, query, page: search_params.page || 0)
+        end
+
+      end
+    end
+  end
+end

data/app/handlers/openstax/accounts/sessions_omniauth_authenticated.rb

@@ -2,9 +2,10 @@ module OpenStax
   module Accounts
 
     class SessionsOmniauthAuthenticated
+
       lev_handler
 
-    protected
+      protected
 
       def setup
         @auth_data = request.env['omniauth.auth']

data/app/models/openstax/accounts/application_user.rb

@@ -0,0 +1,7 @@
+module OpenStax
+  module Accounts
+    class ApplicationUser
+      attr_accessor :id, :application_id, :user, :unread_updates, :default_contact_info_id
+    end
+  end
+end

data/app/models/openstax/accounts/user.rb

@@ -2,11 +2,17 @@ module OpenStax
   module Accounts
     class User < ActiveRecord::Base
 
-      validates :username, uniqueness: true
-      validates :username, presence: true
+      USERNAME_DISCARDED_CHAR_REGEX = /[^A-Za-z\d_]/
+      USERNAME_MAX_LENGTH = 50
+
+      attr_accessor :updating_from_accounts
+
+      validates :username, uniqueness: true, presence: true
       validates :openstax_uid, presence: true
 
-      # first and last names are not required
+      attr_accessible :username, :first_name, :last_name, :full_name, :title
+
+      before_update :update_openstax_accounts
 
       def name
         (first_name || last_name) ? [first_name, last_name].compact.join(" ") : username
@@ -26,6 +32,12 @@ module OpenStax
         @@anonymous ||= AnonymousUser.new
       end
 
+      def update_openstax_accounts
+        return if updating_from_accounts || \
+                  OpenStax::Accounts.configuration.enable_stubbing?
+        OpenStax::Accounts.user_update(self)
+      end
+
       class AnonymousUser < User
         before_save { false } 
         def initialize(attributes=nil)

data/app/representers/openstax/accounts/api/v1/application_user_representer.rb

@@ -11,7 +11,11 @@ module OpenStax
           property :application_id,
                    type: Integer
 
-          property :user_id,
+          property :user,
+                   class: OpenStax::Accounts::User,
+                   decorator: UserRepresenter
+
+          property :unread_updates,
                    type: Integer
 
           property :default_contact_info_id,

data/app/representers/openstax/accounts/api/v1/application_user_search_representer.rb

@@ -0,0 +1,19 @@
+module OpenStax
+  module Accounts
+    module Api
+      module V1
+        class ApplicationUserSearchRepresenter < UserSearchRepresenter
+
+          collection :application_users,
+                     class: OpenStax::Accounts::ApplicationUser,
+                     decorator: ApplicationUserRepresenter,
+                     schema_info: {
+                       description: "The ApplicationUsers associated with the matching Users",
+                       minItems: 0
+                     }
+
+        end
+      end
+    end
+  end
+end

data/app/representers/openstax/accounts/api/v1/application_users_representer.rb

@@ -0,0 +1,16 @@
+require 'representable/json/collection'
+
+module OpenStax
+  module Accounts
+    module Api
+      module V1
+        class ApplicationUsersRepresenter < Roar::Decorator
+          include Representable::JSON::Collection
+
+          items class: OpenStax::Accounts::ApplicationUser,
+                decorator: ApplicationUserRepresenter
+        end
+      end
+    end
+  end
+end

data/app/representers/openstax/accounts/api/v1/user_representer.rb

@@ -5,7 +5,8 @@ module OpenStax
         class UserRepresenter < Roar::Decorator
           include Roar::Representer::JSON
 
-          property :id,
+          property :openstax_uid,
+                   as: :id,
                    type: Integer
 
           property :username,
@@ -23,11 +24,6 @@ module OpenStax
           property :title,
                    type: String
 
-# TODO: Not yet implemented in this gem
-#          collection :contact_infos,
-#                     class: OpenStax::Accounts::ContactInfo,
-#                     decorator: ContactInfoRepresenter
-
         end
       end
     end

data/app/routines/openstax/accounts/dev/create_user.rb

@@ -4,14 +4,14 @@ module OpenStax
       class CreateUser
         lev_routine
 
-      protected
+        protected
 
         def exec(inputs={})
 
           username = inputs[:username]
 
           if username.nil? || inputs[:ensure_no_errors]
-            loop do 
+            loop do
               break if !username.nil? && OpenStax::Accounts::User.where(username: username).none?
               username = "#{inputs[:username] || 'user'}#{rand(1000000)}"
             end
@@ -23,7 +23,7 @@ module OpenStax
             user.username = username
             user.openstax_uid = available_negative_openstax_uid
           end
-        
+
           transfer_errors_from(outputs[:user], {type: :verbatim})
         end
 
@@ -34,4 +34,4 @@ module OpenStax
       end
     end
   end
-end
+end

data/app/routines/openstax/accounts/dev/search_users.rb

@@ -0,0 +1,27 @@
+# Routine for searching for users
+#
+# Caller provides a query and some options.  The query follows the rules of
+# https://github.com/bruce/keyword_search, e.g.:
+#
+#   "username:jps,richb" --> returns the "jps" and "richb" users
+#   "name:John" --> returns Users with first, last, or full name starting with "John"
+#
+# Query terms can be combined, e.g. "username:jp first_name:john"
+#
+# There are currently two options to control query pagination:
+#
+#   :per_page -- the max number of results to return (default: 20)
+#   :page     -- the zero-indexed page to return (default: 0)
+
+module OpenStax
+  module Accounts
+    module Dev
+      class SearchUsers < OpenStax::Accounts::SearchUsers
+        def exec(query, options={})
+          options = options.merge!(:max_matching_users => Float::INFINITY)
+          super
+        end
+      end
+    end
+  end
+end

data/app/routines/openstax/accounts/search_users.rb

@@ -1,47 +1,189 @@
-require 'squeel'
+# Routine for searching for users
+#
+# Caller provides a query and some options.  The query follows the rules of
+# https://github.com/bruce/keyword_search , e.g.:
+#
+#   "username:jps,richb" --> returns the "jps" and "richb" users
+#   "name:John" --> returns Users with first, last, or full name
+#                   starting with "John"
+#
+# Query terms can be combined, e.g. "username:jp first_name:john"
+#
+# There are currently two options to control query pagination:
+#
+#   :per_page -- the max number of results to return per page (default: 20)
+#   :page     -- the zero-indexed page to return (default: 0)
+#
+# There is also an option to control the ordering:
+#
+#   :order_by -- comma-separated list of fields to sort by, with an optional
+#                space-separated sort direction (default: "username ASC")
+#
+# Finally, you can also specify a maximum allowed number of results:
+#
+#   :max_matching_users -- the max number of results allowed (default: 10)
+#
+# This routine will return an empty relation if the number of results exceeds
+# max_matching_users. You can tell that this happened because the result will
+# have a non-zero num_matching_users.
 
 module OpenStax
   module Accounts
-
     class SearchUsers
+      
       lev_routine transaction: :no_transaction
+      
+      protected
+      
+      SORTABLE_FIELDS = ['username', 'first_name', 'last_name', 'id']
+      SORT_ASCENDING = 'ASC'
+      SORT_DESCENDING = 'DESC'
+
+      def exec(query, options={})
+
+        if !OpenStax::Accounts.configuration.enable_stubbing? &&\
+           KeywordSearch.search(query).values_at('email', :default).compact.any?
+          # Delegate to Accounts
+
+          response = OpenStax::Accounts.application_users_index(query)
+
+          user_search = OpenStruct.new
+          search_rep = OpenStax::Accounts::Api::V1::UserSearchRepresenter.new(user_search)
+          search_rep.from_json(response.body)
+
+          # Need to query local database in order to obtain ID's (primary keys)
+          outputs[:users] = OpenStax::Accounts::User.where{
+                              openstax_uid.in user_search.users.collect{ |u| u.openstax_uid }
+                            }
+          outputs[:query] = user_search.q
+          outputs[:per_page] = user_search.per_page
+          outputs[:page] = user_search.page
+          outputs[:order_by] = user_search.order_by
+          outputs[:num_matching_users] = user_search.num_matching_users
+
+        else
+
+          # Local search
+          users = OpenStax::Accounts::User.scoped
+
+          KeywordSearch.search(query) do |with|
+
+            with.default_keyword :any
+
+            with.keyword :username do |usernames|
+              users = users.where{username.like_any my{prep_usernames(usernames)}}
+            end
+
+            with.keyword :first_name do |first_names|
+              users = users.where{lower(first_name).like_any my{prep_names(first_names)}}
+            end
+
+            with.keyword :last_name do |last_names|
+              users = users.where{lower(last_name).like_any my{prep_names(last_names)}}
+            end
+
+            with.keyword :full_name do |full_names|
+              users = users.where{lower(full_name).like_any my{prep_names(full_names)}}
+            end
+
+            with.keyword :name do |names|
+              names = prep_names(names)
+              users = users.where{ (lower(full_name).like_any names)  |
+                                   (lower(last_name).like_any names)  |
+                                   (lower(first_name).like_any names) }
+            end
+
+            with.keyword :id do |ids|
+              users = users.where{openstax_uid.in ids}
+            end
+
+            with.keyword :email do |emails|
+              users = OpenStax::Accounts::User.where('0=1')
+            end
+
+            # Rerun the queries above for 'any' terms (which are ones without a
+            # prefix).  
+
+            with.keyword :any do |terms|
+              names = prep_names(terms)
+
+              users = users.where{
+                                    (  lower(username).like_any  my{prep_usernames(terms)}) |
+                                    (lower(first_name).like_any  names)                     |
+                                    (lower(last_name).like_any   names)                     |
+                                    (lower(full_name).like_any   names)                     |
+                                    (id.in                       terms)
+                                 }
+            end
 
-    protected
-
-      def exec(terms, type=:any)
-        # Return empty results if no search terms
-        return User.where{id == nil}.where{id != nil} if terms.blank?
-
-        # Note: % is the wildcard. This allows the user to search
-        # for stuff that "begins with" but not "ends with".
-        case type
-        when :name
-          users = User.scoped
-          terms.gsub(/[%,]/, '').split.each do |t|
-            next if t.blank?
-            query = t + '%'
-            users = users.where{(first_name =~ query) | (last_name =~ query)}
           end
-        when :username
-          query = terms.gsub('%', '') + '%'
-          users = User.where{username =~ query}
-        when :any
-          users = User.scoped
-          terms.gsub(/[%,]/, '').split.each do |t|
-            next if t.blank?
-            query = t + '%'
-            users = users.where{(first_name =~ query) | 
-                        (last_name =~ query) |
-                        (username =~ query)}
+          
+          # Pagination
+          
+          page = options[:page] || 0
+          per_page = options[:per_page] || 20
+          
+          users = users.limit(per_page).offset(per_page*page)
+          
+          #
+          # Ordering
+          #
+          
+          # Parse the input
+          order_bys = (options[:order_by] || 'username').split(',').collect{|ob| ob.strip.split(' ')}
+          
+          # Toss out bad input, provide default direction
+          order_bys = order_bys.collect do |order_by|
+            field, direction = order_by
+            next if !SORTABLE_FIELDS.include?(field)
+            direction ||= SORT_ASCENDING
+            next if direction != SORT_ASCENDING && direction != SORT_DESCENDING
+            [field, direction]
           end
-        else
-          fatal_error(:unknown_user_search_type, data: type)
+          
+          order_bys.compact!
+          
+          # Use a default sort if none provided
+          order_bys = ['username', SORT_ASCENDING] if order_bys.empty?
+          
+          # Convert to query style
+          order_bys = order_bys.collect{|order_by| "#{order_by[0]} #{order_by[1]}"}
+          
+          # Make the ordering call
+          order_bys.each do |order_by|
+            users = users.order(order_by)
+          end
+          
+          # Translate to routine outputs
+          
+          outputs[:users] = users
+          outputs[:query] = query
+          outputs[:per_page] = per_page
+          outputs[:page] = page
+          outputs[:order_by] = order_bys.join(', ') # convert back to one string
+          outputs[:num_matching_users] = users.except(:offset, :limit, :order).count
+
         end
 
-        outputs[:users] = users
+        # Return no results if query exceeds maximum allowed number of matches
+        max_users = options[:max_matching_users] || \
+                    OpenStax::Accounts.configuration.max_matching_users
+        outputs[:users] = OpenStax::Accounts::User.where('0=1') \
+          if outputs[:num_matching_users] > max_users
+
+      end
+      
+      # Downcase, and put a wildcard at the end.
+      # For the moment don't exclude characters.
+      def prep_names(names)
+        names.collect{|name| name.downcase + '%'}
+      end
+      
+      def prep_usernames(usernames)
+        usernames.collect{|username| username.gsub(OpenStax::Accounts::User::USERNAME_DISCARDED_CHAR_REGEX, '').downcase + '%'}
       end
 
     end
 
   end
-end
+end