openstax_accounts 8.0.1 → 9.0.2
- checksums.yaml +4 -4
- data/app/controllers/openstax/accounts/application_controller.rb +0 -4
- data/app/controllers/openstax/accounts/dev/accounts_controller.rb +16 -10
- data/app/controllers/openstax/accounts/dev/base_controller.rb +1 -5
- data/app/controllers/openstax/accounts/sessions_controller.rb +2 -5
- data/app/handlers/openstax/accounts/accounts_search.rb +3 -5
- data/app/handlers/openstax/accounts/dev/accounts_create.rb +1 -7
- data/app/handlers/openstax/accounts/dev/accounts_search.rb +0 -2
- data/app/handlers/openstax/accounts/sessions_callback.rb +2 -4
- data/app/models/openstax/accounts/account.rb +1 -19
- data/app/models/openstax/accounts/anonymous_account.rb +1 -2
- data/app/representers/openstax/accounts/api/v1/unclaimed_account_representer.rb +1 -7
- data/app/routines/openstax/accounts/dev/create_account.rb +23 -21
- data/app/routines/openstax/accounts/find_or_create_account.rb +16 -25
- data/app/routines/openstax/accounts/find_or_create_from_sso.rb +2 -8
- data/app/routines/openstax/accounts/sync_accounts.rb +1 -6
- data/app/views/layouts/openstax/accounts/application.html.erb +2 -2
- data/app/views/openstax/accounts/dev/accounts/_search_results.html.erb +9 -10
- data/app/views/openstax/accounts/dev/accounts/index.html.erb +7 -10
- data/app/views/openstax/accounts/dev/accounts/{search.js.erb → index.js.erb} +0 -0
- data/app/views/openstax/accounts/shared/_attention.html.erb +9 -1
- data/app/views/openstax/accounts/shared/accounts/_search.html.erb +12 -8
- data/config/routes.rb +2 -5
- data/db/migrate/14_drop_openstax_uid_and_username_uniqueness.rb +9 -0
- data/db/migrate/15_drop_accounts_groups.rb +42 -0
- data/lib/omniauth/strategies/openstax.rb +1 -1
- data/lib/openstax/accounts/api.rb +0 -149
- data/lib/openstax/accounts/current_user_manager.rb +1 -5
- data/lib/openstax/accounts/engine.rb +1 -1
- data/lib/openstax/accounts/sso.rb +4 -3
- data/lib/openstax/accounts/version.rb +1 -1
- data/lib/tasks/sync.rake +0 -8
- metadata +10 -26
- data/app/models/openstax/accounts/application_group.rb +0 -7
- data/app/models/openstax/accounts/group.rb +0 -169
- data/app/models/openstax/accounts/group_member.rb +0 -37
- data/app/models/openstax/accounts/group_nesting.rb +0 -55
- data/app/models/openstax/accounts/group_owner.rb +0 -37
- data/app/representers/openstax/accounts/api/v1/application_group_representer.rb +0 -48
- data/app/representers/openstax/accounts/api/v1/application_groups_representer.rb +0 -20
- data/app/representers/openstax/accounts/api/v1/group_nesting_representer.rb +0 -31
- data/app/representers/openstax/accounts/api/v1/group_representer.rb +0 -71
- data/app/representers/openstax/accounts/api/v1/group_user_representer.rb +0 -34
- data/app/routines/openstax/accounts/create_group.rb +0 -26
- data/app/routines/openstax/accounts/sync_groups.rb +0 -67
- data/app/routines/openstax/accounts/update_group_caches.rb +0 -27
- data/lib/openstax/accounts/has_many_through_groups/active_record/base.rb +0 -51
- data/spec/factories/openstax_accounts_group.rb +0 -7
- data/spec/factories/openstax_accounts_group_member.rb +0 -6
- data/spec/factories/openstax_accounts_group_nesting.rb +0 -6
- data/spec/factories/openstax_accounts_group_owner.rb +0 -6
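--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5a175a15f221828acef337b3d574aecd84dc3d9605560f11705fc6d7f4e9e324
+data.tar.gz: 9997bf8d7bd65f4dcafc1c299fd33d12e4b9cea156cf614fb44b7e04e4a4a176
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 385f8b9e27eb713c1b82e46cc8249faf847ec270f2404e6a7f8c2b21766950e36cdb3ef6493fba0f1b90decb37f7de36bfa70c234b5f393342eace998ef889ce
+data.tar.gz: 9f2061a220279ee14fbef359463d4c8c11adefdb4ee2f25e7f553715b98dd9d3d8be3475f99c47cc23fe28fbfff4b24827f093e03c86ca62fc834be4e8a1edaf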
@@ -1,8 +1,6 @@
|
|
1
1
|
module OpenStax
|
2
2
|
module Accounts
|
3
|
-
|
4
3
|
class ApplicationController < ::ActionController::Base
|
5
|
-
|
6
4
|
include Lev::HandleWith
|
7
5
|
|
8
6
|
skip_before_action :authenticate_user!, raise: false
|
@@ -10,8 +8,6 @@ module OpenStax
|
|
10
8
|
def configuration
|
11
9
|
OpenStax::Accounts.configuration
|
12
10
|
end
|
13
|
-
|
14
11
|
end
|
15
|
-
|
16
12
|
end
|
17
13
|
end
|
@@ -3,23 +3,30 @@ module OpenStax
|
|
3
3
|
module Dev
|
4
4
|
class AccountsController < OpenStax::Accounts::Dev::BaseController
|
5
5
|
# Allow accessing from inside an iframe
|
6
|
-
before_action :allow_iframe_access, only:
|
6
|
+
before_action :allow_iframe_access, only: :index
|
7
7
|
|
8
8
|
def index
|
9
|
-
|
10
|
-
|
11
|
-
def search
|
12
|
-
handle_with(AccountsSearch)
|
9
|
+
handle_with AccountsSearch
|
13
10
|
end
|
14
11
|
|
15
12
|
def create
|
16
|
-
handle_with(
|
17
|
-
|
13
|
+
handle_with(
|
14
|
+
AccountsCreate,
|
15
|
+
success: -> do
|
16
|
+
username = @handler_result.outputs.account.username
|
17
|
+
flash.notice = "Account with username \"#{username}\" created."
|
18
|
+
redirect_to dev_accounts_path(search: { query: username })
|
19
|
+
end,
|
20
|
+
failure: -> do
|
21
|
+
flash.alert = @handler_result.errors.first.translate
|
22
|
+
redirect_to dev_accounts_path(search: { query: params.dig(:create, :username) })
|
23
|
+
end
|
24
|
+
)
|
18
25
|
end
|
19
26
|
|
20
27
|
def become
|
21
|
-
@account = Account.
|
22
|
-
sign_in
|
28
|
+
@account = Account.find(params[:id])
|
29
|
+
sign_in @account
|
23
30
|
redirect_back key: :accounts_return_to, strategies: [:session]
|
24
31
|
end
|
25
32
|
|
@@ -28,7 +35,6 @@ module OpenStax
|
|
28
35
|
def allow_iframe_access
|
29
36
|
response.headers.except! 'X-Frame-Options'
|
30
37
|
end
|
31
|
-
|
32
38
|
end
|
33
39
|
end
|
34
40
|
end
|
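Review bot: `before_action :allow_iframe_access, only: :index` removes `X-Frame-Options` from the page that now also renders the account search results, so any origin can frame the list that presumably links to `become`. `become` signs the session in as whatever `params[:id]` names and has no check of its own; its only protection is the filter inherited from `Dev::BaseController`. If a particular embedder needs the iframe, an allow-list is safer than dropping the header, e.g. `response.headers['Content-Security-Policy'] = "frame-ancestors 'self' <embedding-origin>"` (the origin is a placeholder). A comment above `become` stating that it is an impersonation endpoint guarded only by the base controller would also help the next reader.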
@@ -2,11 +2,7 @@ module OpenStax
|
|
2
2
|
module Accounts
|
3
3
|
module Dev
|
4
4
|
class BaseController < OpenStax::Accounts::ApplicationController
|
5
|
-
|
6
|
-
before_action do
|
7
|
-
raise SecurityTransgression if Rails.env.production?
|
8
|
-
end
|
9
|
-
|
5
|
+
before_action { raise SecurityTransgression if Rails.env.production? }
|
10
6
|
end
|
11
7
|
end
|
12
8
|
end
|
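Review bot: The one-line filter `before_action { raise SecurityTransgression if Rails.env.production? }` still blocks only an environment literally named production, so a deployed staging, QA or review environment leaves every Dev action open, including `become`, which signs in as any account id. The same test is used in `Dev::AccountsSearch#authorized?`. An allow-list is safer than a deny-list here: `Dev::CreateAccount` already requires stubbing, and the filter could do the same with `raise SecurityTransgression if Rails.env.production? || !OpenStax::Accounts.configuration.enable_stubbing?`.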
@@ -1,7 +1,6 @@
|
|
1
1
|
module OpenStax
|
2
2
|
module Accounts
|
3
3
|
class SessionsController < OpenStax::Accounts::ApplicationController
|
4
|
-
|
5
4
|
def new
|
6
5
|
if configuration.is_return_to_url_approved?(params[:return_to])
|
7
6
|
store_url url: params[:return_to], key: :accounts_return_to, strategies: [:session]
|
@@ -40,15 +39,13 @@ module OpenStax
|
|
40
39
|
end
|
41
40
|
|
42
41
|
def failure
|
43
|
-
redirect_back key: :accounts_return_to,
|
44
|
-
alert: "Authentication failed, please try again."
|
42
|
+
redirect_back key: :accounts_return_to, alert: 'Authentication failed, please try again.'
|
45
43
|
end
|
46
44
|
|
47
45
|
def profile
|
48
46
|
# TODO: stub profile if stubbing is enabled
|
49
|
-
redirect_to URI.join(configuration.openstax_accounts_url,
|
47
|
+
redirect_to URI.join(configuration.openstax_accounts_url, '/profile').to_s
|
50
48
|
end
|
51
|
-
|
52
49
|
end
|
53
50
|
end
|
54
51
|
end
|
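Review bot: In `failure`, `redirect_back key: :accounts_return_to, alert: ...` does not pass `strategies: [:session]`, while `new` stores the approved URL with that option and the Dev `become` action reads it back with it. If the helper's default strategies include a request-supplied value (not visible here), the redirect target could come from somewhere `is_return_to_url_approved?` never checked. Passing the option explicitly keeps the redirect on the vetted value: `redirect_back key: :accounts_return_to, strategies: [:session], alert: 'Authentication failed, please try again.'`. The second hunk starts inside the class, so other callers of `redirect_back` in this controller are not visible.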
@@ -1,7 +1,6 @@
|
|
1
1
|
module OpenStax
|
2
2
|
module Accounts
|
3
3
|
class AccountsSearch
|
4
|
-
|
5
4
|
lev_handler
|
6
5
|
|
7
6
|
paramify :search do
|
@@ -50,17 +49,16 @@ module OpenStax
|
|
50
49
|
page: search_params.page,
|
51
50
|
per_page: search_params.per_page}
|
52
51
|
out = run(OpenStax::Accounts::SearchAccounts, params).outputs
|
53
|
-
outputs
|
52
|
+
outputs.total_count = out.total_count
|
54
53
|
|
55
|
-
if !@max_items.nil? && outputs
|
54
|
+
if !@max_items.nil? && outputs.total_count > @max_items
|
56
55
|
fatal_error(code: :too_many_items,
|
57
56
|
message: "The number of matches exceeded the allowed limit of #{
|
58
57
|
@max_items} matches. Please refine your query and try again.")
|
59
58
|
end
|
60
59
|
|
61
|
-
outputs
|
60
|
+
outputs.items = out.items.to_a
|
62
61
|
end
|
63
|
-
|
64
62
|
end
|
65
63
|
end
|
66
64
|
end
|
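Review bot: The size guard `if !@max_items.nil? && outputs.total_count > @max_items` is skipped whenever `@max_items` is nil, and the following `outputs.items = out.items.to_a` then loads every returned row into memory. `page` and `per_page` are taken directly from `search_params`, so unless `SearchAccounts` caps `per_page` (not visible in this hunk) a single request decides how many records are materialised. A comment saying where the upper bound is enforced, or a default for `@max_items`, would make that explicit. The guard also reads more plainly as `if @max_items && outputs.total_count > @max_items`. The enclosing method starts above the hunk.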
@@ -1,21 +1,17 @@
|
|
1
1
|
module OpenStax
|
2
2
|
module Accounts
|
3
|
-
|
4
3
|
module Dev
|
5
4
|
class AccountsCreate
|
6
|
-
|
7
5
|
lev_handler
|
8
6
|
|
9
7
|
paramify :create do
|
10
8
|
attribute :username, type: String
|
11
|
-
validates :username, presence: true
|
12
9
|
attribute :role, type: String
|
13
10
|
end
|
14
11
|
|
15
12
|
uses_routine OpenStax::Accounts::Dev::CreateAccount,
|
16
13
|
as: :create_account,
|
17
|
-
translations: { inputs: { scope: :create },
|
18
|
-
outputs: { type: :verbatim } }
|
14
|
+
translations: { inputs: { scope: :create }, outputs: { type: :verbatim } }
|
19
15
|
|
20
16
|
protected
|
21
17
|
|
@@ -26,9 +22,7 @@ module OpenStax
|
|
26
22
|
def handle
|
27
23
|
run(:create_account, create_params.as_hash(:username, :role))
|
28
24
|
end
|
29
|
-
|
30
25
|
end
|
31
26
|
end
|
32
|
-
|
33
27
|
end
|
34
28
|
end
|
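Review bot: `attribute :role, type: String` is accepted without validation and forwarded by `create_params.as_hash(:username, :role)`, so an arbitrary string reaches the `role` enum on `Account`. Depending on the Rails version, an unknown enum value raises `ArgumentError` rather than producing a handler error, which would skip the `failure:` branch the controller now relies on. A validation inside the `paramify` block keeps bad input on the normal error path: `validates :role, inclusion: { in: OpenStax::Accounts::Account.roles.keys }, allow_blank: true`.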
@@ -2,7 +2,6 @@ module OpenStax
|
|
2
2
|
module Accounts
|
3
3
|
module Dev
|
4
4
|
class AccountsSearch < OpenStax::Accounts::AccountsSearch
|
5
|
-
|
6
5
|
paramify :search do
|
7
6
|
attribute :type, type: String
|
8
7
|
attribute :query, type: String
|
@@ -21,7 +20,6 @@ module OpenStax
|
|
21
20
|
def authorized?
|
22
21
|
!Rails.env.production?
|
23
22
|
end
|
24
|
-
|
25
23
|
end
|
26
24
|
end
|
27
25
|
end
|
@@ -15,15 +15,13 @@ module OpenStax
|
|
15
15
|
|
16
16
|
def handle
|
17
17
|
# Don't worry if the account is logged in or not beforehand. Just assume that they aren't.
|
18
|
-
|
19
18
|
# tap is used because we want the block to always run (not just when initializing)
|
20
19
|
begin
|
21
|
-
outputs.account = Account.find_or_initialize_by(
|
22
|
-
openstax_uid: @auth_data.uid
|
23
|
-
).tap do |account|
|
20
|
+
outputs.account = Account.find_or_initialize_by(uuid: @auth_data.uid).tap do |account|
|
24
21
|
account.access_token = @auth_data.credentials.token
|
25
22
|
|
26
23
|
raw_info = @auth_data.extra.raw_info
|
24
|
+
raw_info = raw_info.merge openstax_uid: raw_info[:id]
|
27
25
|
OpenStax::Accounts::Account::SYNC_ATTRIBUTES.each do |attribute|
|
28
26
|
begin
|
29
27
|
account.send "#{attribute}=", raw_info[attribute]
|
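Review bot: `Account.find_or_initialize_by(uuid: @auth_data.uid)` now binds the login to a row by `uuid`, and nothing in the hunk rejects a missing `uid`. With a nil value the lookup becomes a match on rows whose uuid is NULL, which would pick up any legacy row without a uuid and then overwrite its token and synced attributes. A guard before the lookup removes that case, for example `fatal_error(code: :missing_uid) if @auth_data.uid.blank?` (the error code is only an example). A comment that `uid` is expected to be the Accounts UUID and `raw_info[:id]` the numeric id would also help, since the lookup key was `openstax_uid` before this release. The `handle` method continues below the hunk.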
@@ -1,9 +1,9 @@
|
|
1
1
|
module OpenStax::Accounts
|
2
2
|
class Account < ActiveRecord::Base
|
3
|
-
|
4
3
|
USERNAME_DISCARDED_CHAR_REGEX = /[^A-Za-z\d_]/
|
5
4
|
USERNAME_MAX_LENGTH = 50
|
6
5
|
SYNC_ATTRIBUTES = [
|
6
|
+
:openstax_uid,
|
7
7
|
:username,
|
8
8
|
:first_name,
|
9
9
|
:last_name,
|
@@ -13,27 +13,12 @@ module OpenStax::Accounts
|
|
13
13
|
:faculty_status,
|
14
14
|
:school_type,
|
15
15
|
:salesforce_contact_id,
|
16
|
-
:uuid,
|
17
16
|
:support_identifier,
|
18
17
|
:is_test
|
19
18
|
]
|
20
19
|
|
21
20
|
attr_accessor :syncing
|
22
21
|
|
23
|
-
has_many :group_owners, dependent: :destroy,
|
24
|
-
class_name: 'OpenStax::Accounts::GroupOwner',
|
25
|
-
primary_key: :openstax_uid,
|
26
|
-
foreign_key: :user_id,
|
27
|
-
inverse_of: :user
|
28
|
-
has_many :groups_as_owner, through: :group_owners, source: :group
|
29
|
-
|
30
|
-
has_many :group_members, dependent: :destroy,
|
31
|
-
class_name: 'OpenStax::Accounts::GroupMember',
|
32
|
-
primary_key: :openstax_uid,
|
33
|
-
foreign_key: :user_id,
|
34
|
-
inverse_of: :user
|
35
|
-
has_many :groups_as_member, through: :group_members, source: :group
|
36
|
-
|
37
22
|
enum faculty_status: [:no_faculty_info, :pending_faculty, :confirmed_faculty, :rejected_faculty]
|
38
23
|
enum role: [
|
39
24
|
:unknown_role,
|
@@ -50,8 +35,6 @@ module OpenStax::Accounts
|
|
50
35
|
|
51
36
|
validates :faculty_status, :role, :school_type, presence: true
|
52
37
|
|
53
|
-
validates :openstax_uid, uniqueness: { allow_nil: true }
|
54
|
-
validates :username, uniqueness: { allow_nil: true }
|
55
38
|
validates :uuid, presence: true, uniqueness: true
|
56
39
|
validates :support_identifier, uniqueness: { allow_nil: true }
|
57
40
|
|
@@ -98,6 +81,5 @@ module OpenStax::Accounts
|
|
98
81
|
def update_openstax_accounts
|
99
82
|
OpenStax::Accounts::Api.update_account(self)
|
100
83
|
end
|
101
|
-
|
102
84
|
end
|
103
85
|
end
|
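Review bot: With `validates :username, uniqueness: ...` and the `openstax_uid` uniqueness check removed, `uuid` is the only attribute the model still guarantees to identify a single account, but nothing in the class says so. Code in this release still looks rows up by name, for example `Account.find_by(username: username)` in `FindOrCreateAccount` and `Account.where(username: username).exists?` in `Dev::CreateAccount`, and with duplicates allowed such a lookup returns an arbitrary match. I would add a comment above the validations along the lines of `# uuid is the only unique identifier; username and openstax_uid may repeat and must not be used to identify or authorize an account`.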
@@ -1,7 +1,6 @@
|
|
1
1
|
module OpenStax
|
2
2
|
module Accounts
|
3
3
|
class AnonymousAccount < Account
|
4
|
-
|
5
4
|
include Singleton
|
6
5
|
|
7
6
|
before_save { false }
|
@@ -9,6 +8,7 @@ module OpenStax
|
|
9
8
|
def initialize(attributes=nil)
|
10
9
|
super
|
11
10
|
self.id = nil
|
11
|
+
self.uuid = nil
|
12
12
|
self.openstax_uid = nil
|
13
13
|
self.username = 'anonymous'
|
14
14
|
self.first_name = 'Guest'
|
@@ -18,7 +18,6 @@ module OpenStax
|
|
18
18
|
def is_anonymous?
|
19
19
|
true
|
20
20
|
end
|
21
|
-
|
22
21
|
end
|
23
22
|
end
|
24
23
|
end
|
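Review bot: `before_save { false }` is the only thing meant to keep the singleton out of the database, and on newer Rails versions a callback that returns false no longer halts the chain (the Rails version in use is not visible here). The added `self.uuid = nil` combined with `validates :uuid, presence: true` makes a validated save fail, but a `save(validate: false)` would still go through. Halting explicitly closes that gap: `before_save { throw :abort }`.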
@@ -4,7 +4,7 @@ module OpenStax
|
|
4
4
|
module V1
|
5
5
|
class UnclaimedAccountRepresenter < Roar::Decorator
|
6
6
|
|
7
|
-
# This representer is used to
|
7
|
+
# This representer is used to read from Accounts
|
8
8
|
# and so must allow read/write on all properties
|
9
9
|
# Do not use it in create/update APIs!
|
10
10
|
|
@@ -30,12 +30,6 @@ module OpenStax
|
|
30
30
|
description: "The unclaimed account's support_identifier"
|
31
31
|
}
|
32
32
|
|
33
|
-
property :is_test,
|
34
|
-
type: :boolean,
|
35
|
-
schema_info: {
|
36
|
-
description: "Whether or not this is a test account"
|
37
|
-
}
|
38
|
-
|
39
33
|
end
|
40
34
|
end
|
41
35
|
end
|
@@ -1,5 +1,4 @@
|
|
1
|
-
# Routine for creating an account, only for use when stubbing and
|
2
|
-
# not on production.
|
1
|
+
# Routine for creating an account, only for use when stubbing and not on production.
|
3
2
|
|
4
3
|
module OpenStax
|
5
4
|
module Accounts
|
@@ -11,30 +10,33 @@ module OpenStax
|
|
11
10
|
|
12
11
|
def exec(inputs={})
|
13
12
|
fatal_error(code: :cannot_create_account_in_production) if Rails.env.production?
|
14
|
-
fatal_error(code: :can_only_create_account_when_stubbing)
|
13
|
+
fatal_error(code: :can_only_create_account_when_stubbing) \
|
14
|
+
unless OpenStax::Accounts.configuration.enable_stubbing?
|
15
15
|
|
16
16
|
username = inputs[:username]
|
17
|
-
|
18
|
-
username
|
17
|
+
if username.blank?
|
18
|
+
while username.blank? || Account.where(username: username).exists? do
|
19
|
+
username = SecureRandom.hex(3).to_s
|
20
|
+
end
|
21
|
+
else
|
22
|
+
fatal_error(
|
23
|
+
code: :account_already_exists,
|
24
|
+
message: "One or more accounts with username \"#{username}\" already exist."
|
25
|
+
) if Account.where(username: username).exists?
|
19
26
|
end
|
20
27
|
|
21
|
-
account = OpenStax::Accounts::Account.
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
account
|
32
|
-
|
33
|
-
transfer_errors_from(account, {type: :verbatim}, true)
|
34
|
-
|
35
|
-
outputs[:account] = account
|
28
|
+
outputs.account = OpenStax::Accounts::Account.create(
|
29
|
+
openstax_uid: -SecureRandom.hex(4).to_i(16)/2,
|
30
|
+
access_token: SecureRandom.hex.to_s,
|
31
|
+
username: username,
|
32
|
+
role: inputs[:role] || :unknown_role,
|
33
|
+
uuid: SecureRandom.uuid,
|
34
|
+
support_identifier: "cs_#{SecureRandom.hex(4)}",
|
35
|
+
is_test: true
|
36
|
+
)
|
37
|
+
|
38
|
+
transfer_errors_from(outputs.account, {type: :verbatim}, true)
|
36
39
|
end
|
37
|
-
|
38
40
|
end
|
39
41
|
end
|
40
42
|
end
|
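Review bot: `role: inputs[:role] || :unknown_role` applies the default only when the role is nil, but the Dev handler declares `role` as a String, so an empty form field presumably arrives as `""` and skips the default. The account would then fail the `role` presence validation, or be rejected by the enum, instead of being created as `:unknown_role`. `role: inputs[:role].presence || :unknown_role` covers both cases. Separately, `-SecureRandom.hex(4).to_i(16)/2` relies on operator precedence to yield a negated integer; parentheses and a short comment on why stub ids are negative would make it easier to read here and in `FindOrCreateAccount`.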
@@ -1,46 +1,41 @@
|
|
1
1
|
module OpenStax
|
2
2
|
module Accounts
|
3
3
|
class FindOrCreateAccount
|
4
|
-
|
5
4
|
lev_routine
|
6
5
|
|
7
6
|
protected
|
8
7
|
|
9
|
-
def exec(email: nil, username: nil, password: nil,
|
10
|
-
|
11
|
-
|
12
|
-
raise
|
13
|
-
|
14
|
-
|
8
|
+
def exec(email: nil, username: nil, password: nil, first_name: nil, last_name: nil,
|
9
|
+
full_name: nil, title: nil, salesforce_contact_id: nil, faculty_status: nil,
|
10
|
+
role: nil, school_type: nil, is_test: nil)
|
11
|
+
raise(
|
12
|
+
ArgumentError,
|
13
|
+
'You must specify either an email address or a username (and an optional password)'
|
14
|
+
) if email.nil? && username.nil?
|
15
15
|
|
16
16
|
if OpenStax::Accounts.configuration.enable_stubbing
|
17
17
|
# We can only stub finding by username b/c accounts-rails doesn't persist emails
|
18
|
-
|
19
|
-
|
20
|
-
uuid = SecureRandom.uuid
|
18
|
+
uuid = Account.find_by(username: username)&.uuid || SecureRandom.uuid
|
19
|
+
openstax_uid = -SecureRandom.hex(4).to_i(16)/2
|
21
20
|
support_identifier = "cs_#{SecureRandom.hex(4)}"
|
22
21
|
else
|
23
|
-
response = Api.find_or_create_account(
|
22
|
+
response = OpenStax::Accounts::Api.find_or_create_account(
|
24
23
|
email: email, username: username, password: password,
|
25
24
|
first_name: first_name, last_name: last_name, full_name: full_name,
|
26
25
|
salesforce_contact_id: salesforce_contact_id, faculty_status: faculty_status,
|
27
|
-
role: role, school_type: school_type
|
26
|
+
role: role, school_type: school_type, is_test: is_test
|
27
|
+
)
|
28
28
|
fatal_error(code: :invalid_inputs) unless (200..202).include?(response.status)
|
29
29
|
|
30
30
|
struct = OpenStruct.new
|
31
31
|
Api::V1::UnclaimedAccountRepresenter.new(struct).from_json(response.body)
|
32
|
-
|
32
|
+
openstax_uid = struct.id
|
33
33
|
uuid = struct.uuid
|
34
34
|
support_identifier = struct.support_identifier
|
35
|
-
is_test = struct.is_test
|
36
35
|
end
|
37
36
|
|
38
|
-
account = Account.
|
39
|
-
|
40
|
-
unless account.persisted?
|
41
|
-
while username.nil? || Account.where(username: username).exists? do
|
42
|
-
username = SecureRandom.hex(3).to_s
|
43
|
-
end
|
37
|
+
outputs.account = Account.find_or_create_by(uuid: uuid) do |account|
|
38
|
+
account.openstax_uid = openstax_uid
|
44
39
|
account.username = username
|
45
40
|
account.first_name = first_name
|
46
41
|
account.last_name = last_name
|
@@ -50,16 +45,12 @@ module OpenStax
|
|
50
45
|
account.faculty_status = faculty_status || :no_faculty_info
|
51
46
|
account.role = role || :unknown_role
|
52
47
|
account.school_type = school_type || :unknown_school_type
|
53
|
-
account.uuid = uuid
|
54
48
|
account.support_identifier = support_identifier
|
55
49
|
account.is_test = is_test
|
56
|
-
account.save!
|
57
50
|
end
|
58
51
|
|
59
|
-
transfer_errors_from
|
60
|
-
outputs[:account] = account
|
52
|
+
transfer_errors_from outputs.account, { type: :verbatim }, true
|
61
53
|
end
|
62
|
-
|
63
54
|
end
|
64
55
|
end
|
65
56
|
end
|
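Review bot: In the stubbing branch, `uuid = Account.find_by(username: username)&.uuid || SecureRandom.uuid` runs even when only `email` was given, and `find_by(username: nil)` matches any row whose username is NULL. The routine then reuses that unrelated account's uuid and `find_or_create_by` returns the existing record instead of creating one. Guarding the lookup fixes it: `uuid = (username && Account.find_by(username: username)&.uuid) || SecureRandom.uuid`. The non-stubbing branch has a related gap: `struct.uuid` is used without a presence check, so a response body lacking it would query `uuid: nil`.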