openstax_accounts 3.1.1 → 4.0.0

data/app/routines/openstax/accounts/search_local_accounts.rb

@@ -0,0 +1,101 @@
+module OpenStax
+  module Accounts
+    class SearchLocalAccounts
+
+      SORTABLE_FIELDS = {
+        'username' => :username,
+        'first_name' => :first_name,
+        'last_name' => :last_name,
+        'full_name' => :full_name,
+        'id' => :openstax_uid,
+        'created_at' => :created_at
+      }
+
+      lev_routine
+
+      uses_routine OSU::SearchAndOrganizeRelation, as: :search,
+                   translations: { outputs: { type: :verbatim } }
+
+      def exec(*args)
+        params = args.last.is_a?(Hash) ? args.pop : {}
+        params[:q] ||= args[0]
+        params[:ob] ||= args[1]
+        params[:pp] ||= args[2]
+        params[:p] ||= args[3]
+
+        run(:search, :relation => OpenStax::Accounts::Account.unscoped,
+                     :sortable_fields => SORTABLE_FIELDS,
+                     :params => params) do |with|
+
+          with.default_keyword :any
+
+          with.keyword :username do |names|
+            names.each do |name|
+              sanitized_names = to_string_array(name, append_wildcard: true)
+              next @items = @items.none if sanitized_names.empty?
+              @items = @items.where{username.like_any sanitized_names}
+            end
+          end
+
+          with.keyword :first_name do |names|
+            names.each do |name|
+              sanitized_names = to_string_array(name, append_wildcard: true)
+              next @items = @items.none if sanitized_names.empty?
+              @items = @items.where{first_name.like_any sanitized_names}
+            end
+          end
+
+          with.keyword :last_name do |names|
+            names.each do |name|
+              sanitized_names = to_string_array(name, append_wildcard: true)
+              next @items = @items.none if sanitized_names.empty?
+              @items = @items.where{last_name.like_any sanitized_names}
+            end
+          end
+
+          with.keyword :full_name do |names|
+            names.each do |name|
+              sanitized_names = to_string_array(name, append_wildcard: true)
+              next @items = @items.none if sanitized_names.empty?
+              @items = @items.where{full_name.like_any sanitized_names}
+            end
+          end
+
+          with.keyword :name do |names|
+            names.each do |name|
+              sanitized_names = to_string_array(name, append_wildcard: true)
+              next @items = @items.none if sanitized_names.empty?
+              @items = @items.where{(username.like_any sanitized_names) | \
+                                    (first_name.like_any sanitized_names) | \
+                                    (last_name.like_any sanitized_names) | \
+                                    (full_name.like_any sanitized_names)}
+            end
+          end
+
+          with.keyword :id do |ids|
+            ids.each do |id|
+              sanitized_ids = to_string_array(id)
+              next @items = @items.none if sanitized_ids.empty?
+              @items = @items.where{(openstax_uid.eq_any sanitized_ids)}
+            end
+          end
+
+          with.keyword :any do |terms|
+            terms.each do |term|
+              sanitized_names = to_string_array(term, append_wildcard: true)
+              sanitized_ids = to_string_array(term)
+              next @items = @items.none if sanitized_names.empty? || sanitized_ids.empty?
+
+              @items = @items.where{(username.like_any sanitized_names) | \
+                                    (first_name.like_any sanitized_names) | \
+                                    (last_name.like_any sanitized_names) | \
+                                    (full_name.like_any sanitized_names) | \
+                                    (openstax_uid.eq_any sanitized_ids)}
+            end
+          end
+
+        end
+      end
+    end
+  end
+end

data/app/views/openstax/accounts/dev/accounts/_search_results.html.erb

@@ -1,52 +1,26 @@
-<%
-  page = @handler_result.outputs[:page]
-  num_accounts = @handler_result.outputs[:num_matching_accounts]
-  per_page = @handler_result.outputs[:per_page]
-  pages = (num_accounts * 1.0 / per_page).ceil
-  accounts = @handler_result.outputs[:accounts]
-%>
+<% total_count = @handler_result.outputs[:total_count]
+   accounts = @handler_result.outputs[:items] %>
 
-<div id='search-results-pagination'>
-  <%= pluralize(num_accounts, 'user') %> found. 
-
-  <% if pages > 0 %>
-    Page: 
-
-    <% 
-      linked_page_numbers = [page+1]
-      linked_page_numbers.push(1)
-      linked_page_numbers.push(pages)
-      linked_page_numbers.push(page+1-1, page+1-2, page+1+1, page+1+2)
-      linked_page_numbers.reject!{|pp| pp < 1 || pp > pages}
-      linked_page_numbers.uniq!
-      linked_page_numbers.sort!
-    %>
-
-    <% linked_page_numbers.each do |lpn| %>
-      <%= link_to_unless lpn == page + 1,
-                         lpn, 
-                         dev_accounts_path(search: {terms: @handler_result.outputs[:query], page: lpn-1, per_page: per_page}), remote: true %>
-    <% end %>
-  <% end %>
+<div id='search-results-count'>
+  <%= pluralize(total_count, 'user') %> found.
 </div>
 
 <div id='search-results-list'>
   <%= osu.action_list(
-      records: accounts,
-      list: {
-       headings: ['Username', 'Title', 'Name', 'Actions'],
-      widths: ['30%', '10%', '40%', '20%'],
-      data_procs:
-        [
-          lambda { |account| account.username },
-          lambda { |account| account.title || '---' },
-          lambda { |account| account.name || '---' },
-          lambda { |account| 
-              link_to 'Sign in as',
-                      with_interceptor { become_dev_account_path(account) },
+        records: accounts,
+        list: {
+          headings: ['UID', 'Username (click to sign in as)', 'Name'],
+          widths: ['20%', '40%', '40%'],
+          data_procs: [
+            lambda { |account| account.openstax_uid },
+            lambda { |account|
+              link_to account.username,
+                      with_interceptor { become_dev_account_path(
+                                           account.openstax_uid) },
                       method: :post
-            }
-        ]
-      }
-    ) %>
+            },
+            lambda { |account| account.name || '---' }
+          ]
+        }
+      ) %>
 </div>

data/app/views/openstax/accounts/dev/accounts/index.html.erb

@@ -1,24 +1,25 @@
 <div class="openstax-accounts development-login">
 
-  <% handler_errors.each do |error| %>
-    <%= error.translate %>
-  <% end %>
+  <%= render partial: 'openstax/accounts/shared/attention' %>
 
   <h3>Create an Account</h3>
 
   <%= lev_form_for :create,
                    url: openstax_accounts.dev_accounts_path,
-                   method: :post do |f| %>
+                   method: :post,
+                   html: {class: 'form-inline'} do |f| %>
 
-    Username
-    <%= f.text_field :username, style: 'width:300px' %> 
-    <%= f.submit 'Create', class: 'btn btn-primary' %>
+    <%= f.label :username %>&nbsp;
+    <div class="form-group">
+      <%= f.text_field :username %>&nbsp;
+      <%= f.submit 'Create', class: 'btn btn-primary' %>
+    </div>
 
   <% end %>
 
   <h3>Development Login</h3>
 
-  <p>You need to login, but we're not connected to the Accounts server.
+  <p>You need to login, but we're not connected to the Accounts server.<br>
   Search for a user below and click the sign in link next to him or her.</p>
 
   <%= with_interceptor {
@@ -27,5 +28,7 @@
                             :remote => true, :method => :get } } %>
   
   <br>
+
   <div id="search-results"></div>
+
 </div>

data/app/views/openstax/accounts/shared/accounts/_search.html.erb

@@ -5,7 +5,8 @@
    remote ||= false
    form_html ||=  {id: 'search-form',
                    class: 'form-inline'}
-   search_types ||= ['Any', 'Username', 'Email']
+   search_types ||= ['Any', 'Username', 'Name',
+                     'First Name', 'Last Name', 'Email']
 %>
 
 <%= lev_form_for :search,
@@ -14,11 +15,13 @@
                  method: method,
                  html: form_html do |f| %>
 
-  Search for 
-  <%= f.search_field :terms, style: 'width:300px' %> 
-  in         
-  <%= f.select :type, search_types, {}, {style: 'width: 150px'} %>
+  <div class="form-group">
+    <%= f.label :query, 'Search for' %>&nbsp;
+    <%= f.search_field :query, style: 'width:300px' %>&nbsp;
+    <%= f.label :type, 'in' %>&nbsp;
+    <%= f.select :type, search_types, {}, {style: 'width: 150px'} %>&nbsp;
 
-  <%= f.submit 'Search', class: 'btn btn-primary' %>
+    <%= f.submit 'Search', class: 'btn btn-primary' %>
+  </div>
 
 <% end %>

data/lib/openstax/accounts/engine.rb

@@ -7,6 +7,7 @@ require 'keyword_search'
 require 'squeel'
 require 'action_interceptor'
 require 'openstax/accounts/extend_builtins'
+require 'doorkeeper'
 
 ActiveSupport::Inflector.inflections do |inflect|
   inflect.acronym 'OpenStax'

data/lib/openstax/accounts/has_many_through_groups.rb

@@ -16,7 +16,7 @@ module OpenStax
 
               define_method(name) do
                 OpenStax::Accounts::Group.includes(association_name)
-                  .where(id: supertree_group_ids)
+                  .where(openstax_uid: supertree_group_ids)
                   .collect{|g| g.send(association_name).to_a}.flatten.uniq
               end
             end
@@ -29,7 +29,9 @@ module OpenStax
                                    send(association_name).to_a : []
                 indirect_records = OpenStax::Accounts::Group
                   .includes(association_name).where(
-                    id: send(groups_name).collect{|g| g.supertree_group_ids}.flatten.uniq
+                    openstax_uid: send(groups_name).collect{|g|
+                      g.supertree_group_ids
+                    }.flatten.uniq
                   )
                   .collect{|g| g.send(association_name).to_a}
                 (direct_records + indirect_records).flatten.uniq

data/lib/openstax/accounts/version.rb

@@ -1,5 +1,5 @@
 module OpenStax
   module Accounts
-    VERSION = "3.1.1"
+    VERSION = "4.0.0"
   end
 end

data/lib/openstax_accounts.rb

@@ -74,12 +74,17 @@ module OpenStax
         # See the "account_user_mapper" discussion in the README
         attr_accessor :account_user_mapper
 
-        # max_matching_accounts
+        # min_search_characters
+        # The minimum number of characters that can be used
+        # as a query in a call to the AccountsSearch handler
+        # If less are used, the handler will return an error instead
+        attr_accessor :min_search_characters
+
+        # max_search_items
         # The maximum number of accounts that can be returned
-        # in a call to SearchAccounts
+        # in a call to the AccountsSearch handler
         # If more would be returned, the result will be empty instead
-        # Can also be passed directly to SearchAccounts
-        attr_accessor :max_matching_accounts
+        attr_accessor :max_search_items
 
         def openstax_accounts_url=(url)
           url.gsub!(/https|http/,'https') if !(url =~ /localhost/)
@@ -98,7 +103,8 @@ module OpenStax
           @default_errors_added_trigger = 'openstax-accounts-errors-added'
           @security_transgression_exception = SecurityTransgression
           @account_user_mapper = OpenStax::Accounts::DefaultAccountUserMapper
-          @max_matching_accounts = 10
+          @min_search_characters = 3
+          @max_search_items = 10
           super
         end
 

data/spec/controllers/openstax/accounts/dev/accounts_controller_spec.rb

@@ -12,7 +12,7 @@ module OpenStax::Accounts
       it 'should allow users not in production to become other users' do
         expect(controller.current_account).to eq(AnonymousAccount.instance)
         expect(controller.current_account.is_anonymous?).to eq(true)
-        post :become, id: account.id
+        post :become, id: account.openstax_uid
         expect(controller.current_account).to eq(account)
         expect(controller.current_account.is_anonymous?).to eq(false)
       end

data/spec/controllers/openstax/accounts/sessions_controller_spec.rb

@@ -12,7 +12,7 @@ module OpenStax::Accounts
       c = controller
       get :new
       expect(response).to redirect_to(
-        c.send(:with_interceptor) { c.dev_accounts_path })
+        c.send(:with_interceptor) { url_for(c.dev_accounts_path) })
       expect(response.code).to eq('302')
     end
 

data/spec/dummy/app/access_policies/account_access_policy.rb

@@ -0,0 +1,11 @@
+class AccountAccessPolicy
+  # Contains all the rules for which requestors can do what with which Account objects.
+
+  def self.action_allowed?(action, requestor, account)
+    case action
+    when :search # Anyone
+      true
+    end
+  end
+
+end

data/spec/dummy/app/controllers/oauth_controller.rb

@@ -1,3 +1,5 @@
+require 'responders'
+
 class OauthController < ApplicationController
   respond_to :json
 

data/spec/dummy/config/environments/production.rb

@@ -20,7 +20,7 @@ Dummy::Application.configure do
   # config.action_dispatch.rack_cache = true
 
   # Disable Rails's static asset server (Apache or nginx will already do this).
-  config.serve_static_assets = false
+  config.serve_static_files = false
 
   # Compress JavaScripts and CSS.
   config.assets.js_compressor = :uglifier

data/spec/dummy/config/environments/test.rb

@@ -13,7 +13,7 @@ Dummy::Application.configure do
   config.eager_load = false
 
   # Configure static asset server for tests with Cache-Control for performance.
-  config.serve_static_assets  = true
+  config.serve_static_files  = true
   config.static_cache_control = 'public, max-age=3600'
 
   # Show full error reports and disable caching.

data/spec/dummy/config/initializers/access_policies.rb

@@ -0,0 +1 @@
+OSU::AccessPolicy.register(OpenStax::Accounts::Account, AccountAccessPolicy)

data/spec/dummy/config/initializers/doorkeeper.rb

@@ -0,0 +1,75 @@
+Doorkeeper.configure do
+  # Change the ORM that doorkeeper will use.
+  # Currently supported options are :active_record, :mongoid2, :mongoid3, :mongo_mapper
+  orm :active_record
+  
+  # This block will be called to check whether the resource owner is authenticated or not.
+  resource_owner_authenticator do
+    raise "Please configure doorkeeper resource_owner_authenticator block located in #{__FILE__}"
+    # Put your resource owner authentication logic here.
+    # Example implementation:
+    #   User.find_by_id(session[:user_id]) || redirect_to(new_user_session_url)
+  end
+  
+  # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
+  # admin_authenticator do
+  #   # Put your admin authentication logic here.
+  #   # Example implementation:
+  #   Admin.find_by_id(session[:admin_id]) || redirect_to(new_admin_session_url)
+  # end
+  
+  # Authorization Code expiration time (default 10 minutes).
+  # authorization_code_expires_in 10.minutes
+  
+  # Access token expiration time (default 2 hours).
+  # If you want to disable expiration, set this to nil.
+  # access_token_expires_in 2.hours
+  
+  # Issue access tokens with refresh token (disabled by default)
+  # use_refresh_token
+  
+  # Provide support for an owner to be assigned to each registered application (disabled by default)
+  # Optional parameter :confirmation => true (default false) if you want to enforce ownership of
+  # a registered application
+  # Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
+  # enable_application_owner :confirmation => false
+  
+  # Define access token scopes for your provider
+  # For more information go to https://github.com/applicake/doorkeeper/wiki/Using-Scopes
+  # default_scopes  :public
+  # optional_scopes :write, :update
+  
+  # Change the way client credentials are retrieved from the request object.
+  # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
+  # falls back to the `:client_id` and `:client_secret` params from the `params` object.
+  # Check out the wiki for more information on customization
+  # client_credentials :from_basic, :from_params
+  
+  # Change the way access token is authenticated from the request object.
+  # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
+  # falls back to the `:access_token` or `:bearer_token` params from the `params` object.
+  # Check out the wiki for more information on customization
+  # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
+  
+  # Change the test redirect uri for client apps
+  # When clients register with the following redirect uri, they won't be redirected to any server and the authorization code will be displayed within the provider
+  # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
+  # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
+  #
+  # test_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
+  
+  # Under some circumstances you might want to have applications auto-approved,
+  # so that the user skips the authorization step.
+  # For example if dealing with trusted a application.
+  # skip_authorization do |resource_owner, client|
+  #   client.superapp? or resource_owner.admin?
+  # end
+  
+  #Â WWW-Authenticate Realm (default "Doorkeeper").
+  # realm "Doorkeeper"
+  
+  # Allow dynamic query parameters (disabled by default)
+  # Some applications require dynamic query parameters on their request_uri
+  # set to true if you want this to be allowed
+  # wildcard_redirect_uri false
+end