openstax_accounts 1.0.0 → 2.0.0

data/app/routines/openstax/accounts/{search_users.rb → search_accounts.rb}

@@ -1,10 +1,10 @@
-# Routine for searching for users
+# Routine for searching for accounts
 #
 # Caller provides a query and some options.  The query follows the rules of
 # https://github.com/bruce/keyword_search , e.g.:
 #
-#   "username:jps,richb" --> returns the "jps" and "richb" users
-#   "name:John" --> returns Users with first, last, or full name
+#   "username:jps,richb" --> returns the "jps" and "richb" accounts
+#   "name:John" --> returns accounts with first, last, or full name
 #                   starting with "John"
 #
 # Query terms can be combined, e.g. "username:jp first_name:john"
@@ -21,15 +21,15 @@
 #
 # Finally, you can also specify a maximum allowed number of results:
 #
-#   :max_matching_users -- the max number of results allowed (default: 10)
+#   :max_matching_accounts -- the max number of results allowed (default: 10)
 #
 # This routine will return an empty relation if the number of results exceeds
-# max_matching_users. You can tell that this happened because the result will
-# have a non-zero num_matching_users.
+# max_matching_accounts. You can tell that this situation happened when
+# the result has an empty accounts array, but a non-zero num_matching_accounts.
 
 module OpenStax
   module Accounts
-    class SearchUsers
+    class SearchAccounts
       
       lev_routine transaction: :no_transaction
       
@@ -45,60 +45,65 @@ module OpenStax
            KeywordSearch.search(query).values_at('email', :default).compact.any?
           # Delegate to Accounts
 
-          response = OpenStax::Accounts.application_users_index(query)
+          response = OpenStax::Accounts.search_application_accounts(query)
 
-          user_search = OpenStruct.new
-          search_rep = OpenStax::Accounts::Api::V1::UserSearchRepresenter.new(user_search)
+
+          search = OpenStruct.new
+          search_rep = OpenStax::Accounts::Api::V1::AccountSearchRepresenter.new(search)
           search_rep.from_json(response.body)
 
           # Need to query local database in order to obtain ID's (primary keys)
-          outputs[:users] = OpenStax::Accounts::User.where{
-                              openstax_uid.in user_search.users.collect{ |u| u.openstax_uid }
-                            }
-          outputs[:query] = user_search.q
-          outputs[:per_page] = user_search.per_page
-          outputs[:page] = user_search.page
-          outputs[:order_by] = user_search.order_by
-          outputs[:num_matching_users] = user_search.num_matching_users
+          outputs[:accounts] = OpenStax::Accounts::Account.where {
+            openstax_uid.in search.accounts.collect{ |u| u.openstax_uid }
+          }
+          outputs[:query] = search.q
+          outputs[:per_page] = search.per_page
+          outputs[:page] = search.page
+          outputs[:order_by] = search.order_by
+          outputs[:num_matching_accounts] = search.num_matching_accounts
 
         else
 
           # Local search
-          users = OpenStax::Accounts::User.scoped
+          accounts = OpenStax::Accounts::Account.scoped
 
           KeywordSearch.search(query) do |with|
 
             with.default_keyword :any
 
             with.keyword :username do |usernames|
-              users = users.where{username.like_any my{prep_usernames(usernames)}}
+              accounts = accounts.where{username
+                .like_any my{prep_usernames(usernames)}}
             end
 
             with.keyword :first_name do |first_names|
-              users = users.where{lower(first_name).like_any my{prep_names(first_names)}}
+              accounts = accounts.where{lower(first_name)
+                .like_any my{prep_names(first_names)}}
             end
 
             with.keyword :last_name do |last_names|
-              users = users.where{lower(last_name).like_any my{prep_names(last_names)}}
+              accounts = accounts.where{lower(last_name)
+                .like_any my{prep_names(last_names)}}
             end
 
             with.keyword :full_name do |full_names|
-              users = users.where{lower(full_name).like_any my{prep_names(full_names)}}
+              accounts = accounts.where{lower(full_name)
+                .like_any my{prep_names(full_names)}}
             end
 
             with.keyword :name do |names|
               names = prep_names(names)
-              users = users.where{ (lower(full_name).like_any names)  |
-                                   (lower(last_name).like_any names)  |
-                                   (lower(first_name).like_any names) }
+              accounts = accounts.where{ (lower(full_name).like_any names)  |
+                                         (lower(last_name).like_any names)  |
+                                         (lower(first_name).like_any names) }
             end
 
             with.keyword :id do |ids|
-              users = users.where{openstax_uid.in ids}
+              accounts = accounts.where{openstax_uid.in ids}
             end
 
             with.keyword :email do |emails|
-              users = OpenStax::Accounts::User.where('0=1')
+              accounts = OpenStax::Accounts::Account.where('0=1')
             end
 
             # Rerun the queries above for 'any' terms (which are ones without a
@@ -107,13 +112,13 @@ module OpenStax
             with.keyword :any do |terms|
               names = prep_names(terms)
 
-              users = users.where{
-                                    (  lower(username).like_any  my{prep_usernames(terms)}) |
-                                    (lower(first_name).like_any  names)                     |
-                                    (lower(last_name).like_any   names)                     |
-                                    (lower(full_name).like_any   names)                     |
-                                    (id.in                       terms)
-                                 }
+              accounts = accounts.where{
+                (  lower(username).like_any my{prep_usernames(terms)}) |
+                (lower(first_name).like_any names)                     |
+                (lower(last_name).like_any  names)                     |
+                (lower(full_name).like_any  names)                     |
+                (id.in                      terms)
+              }
             end
 
           end
@@ -123,14 +128,15 @@ module OpenStax
           page = options[:page] || 0
           per_page = options[:per_page] || 20
           
-          users = users.limit(per_page).offset(per_page*page)
+          accounts = accounts.limit(per_page).offset(per_page*page)
           
           #
           # Ordering
           #
           
           # Parse the input
-          order_bys = (options[:order_by] || 'username').split(',').collect{|ob| ob.strip.split(' ')}
+          order_bys = (options[:order_by] || 'username').split(',')
+                        .collect{|ob| ob.strip.split(' ')}
           
           # Toss out bad input, provide default direction
           order_bys = order_bys.collect do |order_by|
@@ -151,25 +157,26 @@ module OpenStax
           
           # Make the ordering call
           order_bys.each do |order_by|
-            users = users.order(order_by)
+            accounts = accounts.order(order_by)
           end
           
           # Translate to routine outputs
           
-          outputs[:users] = users
+          outputs[:accounts] = accounts
           outputs[:query] = query
           outputs[:per_page] = per_page
           outputs[:page] = page
-          outputs[:order_by] = order_bys.join(', ') # convert back to one string
-          outputs[:num_matching_users] = users.except(:offset, :limit, :order).count
+          outputs[:order_by] = order_bys.join(', ') # Convert back to String
+          outputs[:num_matching_accounts] = accounts
+            .except(:offset, :limit, :order).count
 
         end
 
         # Return no results if query exceeds maximum allowed number of matches
-        max_users = options[:max_matching_users] || \
-                    OpenStax::Accounts.configuration.max_matching_users
-        outputs[:users] = OpenStax::Accounts::User.where('0=1') \
-          if outputs[:num_matching_users] > max_users
+        max_accounts = options[:max_matching_accounts] || \
+                    OpenStax::Accounts.configuration.max_matching_accounts
+        outputs[:accounts] = OpenStax::Accounts::Account.where('0=1') \
+          if outputs[:num_matching_accounts] > max_accounts
 
       end
       
@@ -180,7 +187,9 @@ module OpenStax
       end
       
       def prep_usernames(usernames)
-        usernames.collect{|username| username.gsub(OpenStax::Accounts::User::USERNAME_DISCARDED_CHAR_REGEX, '').downcase + '%'}
+        usernames.collect{|username| username.gsub(
+          OpenStax::Accounts::Account::USERNAME_DISCARDED_CHAR_REGEX, '')
+          .downcase + '%'}
       end
 
     end

data/app/routines/openstax/accounts/sync_accounts.rb

@@ -0,0 +1,47 @@
+# Routine for getting account updates from the Accounts server
+#
+# Should be scheduled to run regularly
+
+module OpenStax
+  module Accounts
+
+    class SyncAccounts
+
+      SYNC_ATTRIBUTES = ['username', 'first_name', 'last_name',
+                         'full_name', 'title']
+
+      lev_routine transaction: :no_transaction
+      
+      protected
+      
+      def exec(options={})
+
+        return if OpenStax::Accounts.configuration.enable_stubbing?
+
+        response = OpenStax::Accounts.get_application_account_updates
+
+        app_accounts = []
+        app_accounts_rep = OpenStax::Accounts::Api::V1::ApplicationAccountsRepresenter
+                             .new(app_accounts)
+        app_accounts_rep.from_json(response.body)
+
+        return if app_accounts.empty?
+
+        app_accounts_hash = {}
+        app_accounts.each do |app_account|
+          account = OpenStax::Accounts::Account.where(
+            :openstax_uid => app_account.account.openstax_uid).first
+          account.syncing_with_accounts = true
+          next unless account.update_attributes(
+            app_account.account.attributes.slice(*SYNC_ATTRIBUTES))
+          app_accounts_hash[app_account.id] = app_account.unread_updates
+        end
+
+        OpenStax::Accounts.mark_updates_as_read(app_accounts_hash)
+
+      end
+
+    end
+
+  end
+end

data/app/views/openstax/accounts/dev/{users → accounts}/_search_results.html.erb

@@ -1,13 +1,13 @@
 <%
   page = @handler_result.outputs[:page]
-  num_users = @handler_result.outputs[:num_matching_users]
+  num_accounts = @handler_result.outputs[:num_matching_accounts]
   per_page = @handler_result.outputs[:per_page]
-  pages = (num_users * 1.0 / per_page).ceil
-  users = @handler_result.outputs[:users]
+  pages = (num_accounts * 1.0 / per_page).ceil
+  accounts = @handler_result.outputs[:accounts]
 %>
 
 <div id='search-results-pagination'>
-  <%= pluralize(num_users, 'user') %> found. 
+  <%= pluralize(num_accounts, 'user') %> found. 
 
   <% if pages > 0 %>
     Page: 
@@ -25,25 +25,25 @@
     <% linked_page_numbers.each do |lpn| %>
       <%= link_to_unless lpn == page + 1,
                          lpn, 
-                         dev_users_path(search: {terms: @handler_result.outputs[:query], page: lpn-1, per_page: per_page}), remote: true %>
+                         dev_accounts_path(search: {terms: @handler_result.outputs[:query], page: lpn-1, per_page: per_page}), remote: true %>
     <% end %>
   <% end %>
 </div>
 
 <%= osu.action_list(
-    records: users,
+    records: accounts,
     list: {
       headings: ['Username', 'First Name', 'Last Name', ''],
       widths: ['25%', '25%', '25%', '25%'],
       data_procs:
         [
-          Proc.new { |user| user.username },
-          Proc.new { |user| user.first_name || '---' },
-          Proc.new { |user| user.last_name || '---' },
-          Proc.new { |user| 
-            link_to 'Sign in as', 
-                    become_dev_user_path(user), 
-                    method: :post 
+          Proc.new { |account| account.username },
+          Proc.new { |account| account.first_name || '---' },
+          Proc.new { |account| account.last_name || '---' },
+          Proc.new { |account| 
+            link_to 'Sign in as',
+                    with_interceptor { become_dev_account_path(account) },
+                    method: :post
           }
         ]
     }

data/app/views/openstax/accounts/dev/{users/login.html.erb → accounts/index.html.erb}

@@ -9,9 +9,9 @@
     <p>You need to login, but we're not connected to the Accounts server.
     Search for a user below and click the sign in link next to him or her.</p>
 
-    <%= render 'openstax/accounts/shared/users/index',
-               :search_action_path => openstax_accounts.dev_users_path,
-               :remote => true %>
+    <%= with_interceptor { render 'openstax/accounts/shared/accounts/index',
+               :search_action_path => openstax_accounts.dev_accounts_path,
+               :remote => true } %>
 
   <% end %>
 

data/app/views/openstax/accounts/dev/{users → accounts}/index.js.erb

@@ -1,3 +1,3 @@
 <%= unless_errors alerts_html_id: 'dialog-local-alerts' do %>
-  $("#search-results-list").html("<%= j(render 'openstax/accounts/dev/users/search_results') %>");
+  $("#search-results-list").html("<%= j(render 'openstax/accounts/dev/accounts/search_results') %>");
 <% end %>

data/app/views/openstax/accounts/shared/{users → accounts}/_index.html.erb

@@ -1,6 +1,8 @@
 <%
    # Clients of this partial can override the following variables:
    search_action_path ||= nil
+   results_list_id ||= 'search-results-list'
+   method ||= :post
    remote ||= false
    form_html ||=  {id: 'search-form',
                    class: 'form-inline'}
@@ -10,6 +12,7 @@
 <%= lev_form_for :search,
                  url: search_action_path,
                  remote: remote,
+                 method: method,
                  html: form_html do |f| %>
 
   Search for 
@@ -21,4 +24,4 @@
 
 <% end %>
 
-<div id="search-results-list"></div>
+<div id=<%= results_list_id %>></div>

data/config/initializers/action_interceptor.rb

@@ -0,0 +1,14 @@
+ActionInterceptor.configure do
+
+  interceptor :authenticate_user! do
+    account = current_account
+
+    return if account && !account.is_anonymous?
+
+    respond_to do |format|
+      format.html { redirect_to registration_path }
+      format.json { head(:forbidden) }
+    end
+  end
+
+end

data/config/routes.rb

@@ -1,26 +1,29 @@
 OpenStax::Accounts::Engine.routes.draw do
-  get '/auth/openstax/callback', to: 'sessions#omniauth_authenticated' #omniauth route
+
+  # Redirect here if we don't know what to do (theoretically should not happen)
+  root :to => 'sessions#new'
+
+  # Shortcut to OmniAuth route that redirects to the Accounts server
+  # This is provided by OmniAuth and is not in the SessionsController
   get '/auth/openstax', :as => 'openstax_login'
 
-  get 'sessions/new', :as => 'login'
-  # See https://github.com/plataformatec/devise/commit/f3385e96abf50e80d2ae282e1fb9bdad87a83d3c
-  match 'sessions/destroy', :as => 'logout',
-                            :via => OpenStax::Accounts.configuration.logout_via
+  # OmniAuth local routes (SessionsController)
+  resource :session, :only => [], :path => '', :as => '' do
+    get 'callback', :path => 'auth/:provider/callback' # Authentication success
+    get 'failure', :path => 'auth/failure' # Authentication failure
+
+    get 'login', :to => :new # Redirects to /auth/openstax or stub
+    match 'logout', :to => :destroy, # Redirects to logout path or stub
+                    :via => OpenStax::Accounts.configuration.logout_via
+  end
 
   if OpenStax::Accounts.configuration.enable_stubbing?
     namespace :dev do
-      resources :users, :only => [:index] do
-        collection do
-          get 'login'
-          post 'index'
-        end
-
+      resources :accounts, :only => [:index] do
+        post 'index', :on => :collection
         post 'become', :on => :member
       end
     end
   end
-end
 
-hh = OpenStax::Accounts::Engine.routes.url_helpers
-
-OpenStax::Accounts::RouteHelper.register_path(:login, hh.openstax_login_path) { hh.login_dev_users_path }
+end

data/db/migrate/0_create_openstax_accounts_accounts.rb

@@ -0,0 +1,22 @@
+class CreateOpenStaxAccountsAccounts < ActiveRecord::Migration
+  def change
+    create_table :openstax_accounts_accounts do |t|
+      t.integer :openstax_uid, :null => false
+      t.string  :username, :null => false
+      t.string  :access_token
+      t.string  :first_name
+      t.string  :last_name
+      t.string  :full_name
+      t.string  :title
+
+      t.timestamps
+    end
+
+    add_index :openstax_accounts_accounts, :openstax_uid, :unique => true
+    add_index :openstax_accounts_accounts, :username, :unique => true
+    add_index :openstax_accounts_accounts, :access_token, :unique => true
+    add_index :openstax_accounts_accounts, :first_name
+    add_index :openstax_accounts_accounts, :last_name
+    add_index :openstax_accounts_accounts, :full_name
+  end
+end

data/lib/generators/openstax/accounts/schedule/USAGE

@@ -1,5 +1,5 @@
 Description:
-    Creates a "whenever" task that checks for updates from Accounts.
+    Creates a "whenever" task that checks for updates from the Accounts server.
 
 Example:
     rails generate openstax:accounts:schedule

data/lib/generators/openstax/accounts/schedule/templates/schedule.rb

@@ -1,3 +1,3 @@
 every 5.minutes do
-  runner "OpenStax::Accounts::SyncUsers.call"
+  runner "OpenStax::Accounts::SyncAccounts.call"
 end

data/lib/openstax/accounts/current_user_manager.rb

@@ -2,102 +2,111 @@ module OpenStax
   module Accounts
     class CurrentUserManager
 
-      # References:
-      #   http://railscasts.com/episodes/356-dangers-of-session-hijacking
-
       def initialize(request, session, cookies)
         @request = request
         @session = session
         @cookies = cookies
       end
 
-      # Returns the current app user
+      # Returns the current account
+      def current_account
+        load_session
+        @current_account
+      end
+
+      # Returns the current user
       def current_user
-        load_current_users
-        @app_current_user
+        load_session
+        @current_user
       end
 
-      # Signs in the given user; the argument can be either an accounts user or
-      # an app user
-      def sign_in(user)
-        user.is_a?(User) ?
-          self.accounts_current_user = user :
+      # Signs in the given user or account
+      def sign_in!(user)
+        user.is_a?(Account) ?
+          self.current_account = user :
           self.current_user = user
       end
 
-      # Signs out the user
+      alias_method :sign_in, :sign_in!
+
+      # Signs out the currently signed in user
       def sign_out!
-        sign_in(OpenStax::Accounts::User.anonymous)
+        self.current_account = AnonymousAccount.instance
       end
 
+      alias_method :sign_out, :sign_out!
+
       # Returns true iff there is a user signed in
       def signed_in?
-        !accounts_current_user.is_anonymous?
+        !current_account.is_anonymous?
       end
 
-      # Returns the current accounts user
-      def accounts_current_user
-        load_current_users
-        @accounts_current_user
-      end
-
-    protected
-
-      # If they are nil (unset), sets the current users based on the session state
-      def load_current_users
-        return if !@accounts_current_user.nil?
+      protected
 
-        if @request.ssl? && @cookies.signed[:secure_user_id] != "secure#{@session[:user_id]}"
-          sign_out! # hijacked
+      # Sets the session state based on the given account
+      def set_session(account)
+        if account.is_anonymous?
+          @session[:account_id] = nil
+          @cookies.delete(:secure_account_id)
         else
-          # If there is a session user_id, load up that user, otherwise set the anonymous user.
-         
-          if @session[:user_id]
-            @accounts_current_user = User.where(id: @session[:user_id]).first
-
-            # It could happen (normally in development) that there is a session
-            # user_id that doesn't map to a User in the db.
-            # In such a case, sign_out! to reset the state
-            if @accounts_current_user.nil?
-              sign_out!
-              return
-            end
-          else
-            @accounts_current_user = User.anonymous
-          end
-
-          # Bring the app user inline with the accounts user
-          @app_current_user = user_provider.accounts_user_to_app_user(@accounts_current_user)
+          @session[:account_id] = account.id
+          @cookies.signed[:secure_account_id] = { secure: true,
+            httponly: true, value: "secure#{account.id}" }
         end
       end
 
-      # Sets (signs in) the provided app user.
-      def current_user=(user)
-        self.accounts_current_user = user_provider.app_user_to_accounts_user(user)
-        @app_current_user
-      end
-
-      # Sets the current accounts user, updates the app user, and also updates
-      # the session and cookie state.
-      def accounts_current_user=(user)
-        @accounts_current_user = user || User.anonymous
-        @app_current_user = user_provider.accounts_user_to_app_user(@accounts_current_user)
+      # If not already loaded, sets the current user and current account
+      # based on the session state
+      def load_session
+        return unless @current_account.nil?
+
+        # Sign the user out to reset the session if the request is SSL
+        # and the signed secure ID doesn't match the unsecure ID
+        # http://railscasts.com/episodes/356-dangers-of-session-hijacking
+        if @request.ssl? && \
+          @cookies.signed[:secure_account_id] != "secure#{@session[:account_id]}"
+          sign_out!
+          return
+        end
 
-        if @accounts_current_user.is_anonymous?
-          @session[:user_id] = nil
-          @cookies.delete(:secure_user_id)
+        # If there is a session account_id, load up that account,
+        # otherwise set the anonymous account.
+        if @session[:account_id]
+          @current_account = Account.where(id: @session[:account_id]).first
+
+          # It could happen (normally in development) that there is a session
+          # account_id that doesn't map to an Account in the db.
+          # In such a case, sign_out! to reset the state
+          if @current_account.nil?
+            sign_out!
+            return
+          end
         else
-          @session[:user_id] = @accounts_current_user.id
-          @cookies.signed[:secure_user_id] = {secure: true, value: "secure#{@accounts_current_user.id}"}
+          @current_account = AnonymousAccount.instance
         end
 
-        @accounts_current_user
+        # Bring the user inline with the account
+        @current_user = account_user_mapper.account_to_user(@current_account)
+      end
+
+      # Sets the current account, updates the session and loads it
+      def current_account=(account)
+        set_session(account)
+        @current_user = account_user_mapper.account_to_user(account)
+        @current_account = account
+      end
+
+      # Sets (signs in) the provided user, as above
+      def current_user=(user)
+        @current_account = account_user_mapper.user_to_account(user)
+        set_session(@current_account)
+        @current_user = user
       end
 
-      def user_provider
-        OpenStax::Accounts.configuration.user_provider
+      def account_user_mapper
+        OpenStax::Accounts.configuration.account_user_mapper
       end
 
     end
   end
-end
+end

data/lib/openstax/accounts/default_account_user_mapper.rb

@@ -0,0 +1,15 @@
+module OpenStax
+  module Accounts
+    class DefaultAccountUserMapper
+
+      def self.account_to_user(account)
+        account
+      end
+
+      def self.user_to_account(user)
+        user
+      end
+
+    end
+  end
+end

data/lib/openstax/accounts/engine.rb

@@ -5,6 +5,8 @@ require 'roar/decorator'
 require 'roar/representer/json'
 require 'keyword_search'
 require 'squeel'
+require 'action_interceptor'
+require 'openstax/accounts/extend_builtins'
 
 ActiveSupport::Inflector.inflections do |inflect|
   inflect.acronym 'OpenStax'