RubyGems - openstax_accounts - Versions diffs - 8.1.0 → 9.1.0 - Mend

openstax_accounts 8.1.0 → 9.1.0

Files changed (51) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5f7776ce8e75c51c3a8b3435712dc37aab19225584f25c99f82ce6bd92042350
-  data.tar.gz: fac871ea9ca585e3b5e02d46bd37fe6b462ed80283cf23881e551c92d25e9297
+  metadata.gz: 94c7f3a9d37b020069be2c39b96a1f7beacb918d50e87aa84d70fe24d437025c
+  data.tar.gz: 9a857efcee527418bd4287d6b8a61c369fa424541358de01b3dc41f1ae8e3aa7
 SHA512:
-  metadata.gz: 90ed74a62cb7a299c8ef064accfc52e295a3baa334a110ac8020e02bebf61408f846e3b278124ebb0feb921bf3f32ea4d2551e01a4fb42a9e14b30d9b1169720
-  data.tar.gz: 882b93e2e815f42e1942fafaca8754787b1a86538ba46bb5604dc313b5da8a370fd2708c7cd268a24ee434de0961691af336dd30b45b5b5bbd9440f0a38ee6ed
+  metadata.gz: 831790e591d38994596ff471d0828b773a8fd770253bf7040ed4c1106b2979e944b9a5ce5777cc89271c552cdb8fb50b7cfb239e316b1251713fe81f960e9237
+  data.tar.gz: fa14a2404033df1bc6131f6a1b91c134c98bda24d16af737f3442b52ea9b3de1c1933f463ac7c46060cef64fac02e73628990d936f35a7a0bdf1b93a99d6290c

data/app/controllers/openstax/accounts/application_controller.rb CHANGED

@@ -1,8 +1,6 @@
 module OpenStax
   module Accounts
     class ApplicationController < ::ActionController::Base
       include Lev::HandleWith
       skip_before_action :authenticate_user!, raise: false
@@ -10,8 +8,6 @@ module OpenStax
       def configuration
         OpenStax::Accounts.configuration
       end
     end
   end
 end

data/app/controllers/openstax/accounts/dev/accounts_controller.rb CHANGED

@@ -3,23 +3,30 @@ module OpenStax
     module Dev
       class AccountsController < OpenStax::Accounts::Dev::BaseController
         # Allow accessing from inside an iframe
-        before_action :allow_iframe_access, only: [:index, :search]
+        before_action :allow_iframe_access, only: :index
         def index
-        end
-        def search
-          handle_with(AccountsSearch)
+          handle_with AccountsSearch
         end
         def create
-          handle_with(AccountsCreate,
-                      complete: lambda { redirect_to dev_accounts_path })
+          handle_with(
+            AccountsCreate,
+            success: -> do
+              username = @handler_result.outputs.account.username
+              flash.notice = "Account with username \"#{username}\" created."
+              redirect_to dev_accounts_path(search: { query: username })
+            end,
+            failure: -> do
+              flash.alert = @handler_result.errors.first.translate
+              redirect_to dev_accounts_path(search: { query: params.dig(:create, :username) })
+            end
+          )
         end
         def become
-          @account = Account.find_by(openstax_uid: params[:id])
-          sign_in(@account)
+          @account = Account.find(params[:id])
+          sign_in @account
           redirect_back key: :accounts_return_to, strategies: [:session]
         end
@@ -28,7 +35,6 @@ module OpenStax
         def allow_iframe_access
           response.headers.except! 'X-Frame-Options'
         end
       end
     end
   end

data/app/controllers/openstax/accounts/dev/base_controller.rb CHANGED

@@ -2,11 +2,7 @@ module OpenStax
   module Accounts
     module Dev
       class BaseController < OpenStax::Accounts::ApplicationController
-        before_action do
-          raise SecurityTransgression if Rails.env.production?
-        end
+        before_action { raise SecurityTransgression if Rails.env.production? }
       end
     end
   end

data/app/controllers/openstax/accounts/sessions_controller.rb CHANGED

@@ -1,7 +1,6 @@
 module OpenStax
   module Accounts
     class SessionsController < OpenStax::Accounts::ApplicationController
       def new
         if configuration.is_return_to_url_approved?(params[:return_to])
           store_url url: params[:return_to], key: :accounts_return_to, strategies: [:session]
@@ -11,8 +10,7 @@ module OpenStax
         if configuration.enable_stubbing?
           redirect_to dev_accounts_path
         else
-          forwardable_params =
-            params.permit(*configuration.forwardable_login_param_keys.map(&:to_s)).to_h
+          forwardable_params = params.permit(*configuration.forwardable_login_params).to_h
           redirect_to openstax_login_path(forwardable_params)
         end
       end
@@ -40,15 +38,13 @@ module OpenStax
       end
       def failure
-        redirect_back key: :accounts_return_to,
-                      alert: "Authentication failed, please try again."
+        redirect_back key: :accounts_return_to, alert: 'Authentication failed, please try again.'
       end
       def profile
         # TODO: stub profile if stubbing is enabled
-        redirect_to URI.join(configuration.openstax_accounts_url, "/profile").to_s
+        redirect_to URI.join(configuration.openstax_accounts_url, '/profile').to_s
       end
     end
   end
 end

data/app/handlers/openstax/accounts/accounts_search.rb CHANGED

@@ -1,7 +1,6 @@
 module OpenStax
   module Accounts
     class AccountsSearch
       lev_handler
       paramify :search do
@@ -50,17 +49,16 @@ module OpenStax
                   page: search_params.page,
                   per_page: search_params.per_page}
         out = run(OpenStax::Accounts::SearchAccounts, params).outputs
-        outputs[:total_count] = out[:total_count]
+        outputs.total_count = out.total_count
-        if !@max_items.nil? && outputs[:total_count] > @max_items
+        if !@max_items.nil? && outputs.total_count > @max_items
           fatal_error(code: :too_many_items,
                       message: "The number of matches exceeded the allowed limit of #{
                         @max_items} matches. Please refine your query and try again.")
         end
-        outputs[:items] = out[:items].to_a
+        outputs.items = out.items.to_a
       end
     end
   end
 end

data/app/handlers/openstax/accounts/dev/accounts_create.rb CHANGED

@@ -1,21 +1,17 @@
 module OpenStax
   module Accounts
     module Dev
       class AccountsCreate
         lev_handler
         paramify :create do
           attribute :username, type: String
-          validates :username, presence: true
           attribute :role, type: String
         end
         uses_routine OpenStax::Accounts::Dev::CreateAccount,
                      as: :create_account,
-                     translations: { inputs: { scope: :create },
-                                     outputs: { type: :verbatim } }
+                     translations: { inputs: { scope: :create }, outputs: { type: :verbatim } }
         protected
@@ -26,9 +22,7 @@ module OpenStax
         def handle
           run(:create_account, create_params.as_hash(:username, :role))
         end
       end
     end
   end
 end

data/app/handlers/openstax/accounts/dev/accounts_search.rb CHANGED

@@ -2,7 +2,6 @@ module OpenStax
   module Accounts
     module Dev
       class AccountsSearch < OpenStax::Accounts::AccountsSearch
         paramify :search do
           attribute :type, type: String
           attribute :query, type: String
@@ -21,7 +20,6 @@ module OpenStax
         def authorized?
           !Rails.env.production?
         end
       end
     end
   end

data/app/handlers/openstax/accounts/sessions_callback.rb CHANGED

@@ -15,15 +15,13 @@ module OpenStax
       def handle
         # Don't worry if the account is logged in or not beforehand. Just assume that they aren't.
         # tap is used because we want the block to always run (not just when initializing)
         begin
-          outputs.account = Account.find_or_initialize_by(
-            openstax_uid: @auth_data.uid
-          ).tap do |account|
+          outputs.account = Account.find_or_initialize_by(uuid: @auth_data.uid).tap do |account|
             account.access_token = @auth_data.credentials.token
             raw_info = @auth_data.extra.raw_info
+            raw_info = raw_info.merge openstax_uid: raw_info[:id]
             OpenStax::Accounts::Account::SYNC_ATTRIBUTES.each do |attribute|
               begin
                 account.send "#{attribute}=", raw_info[attribute]

data/app/models/openstax/accounts/account.rb CHANGED

@@ -1,9 +1,9 @@
 module OpenStax::Accounts
     class Account < ActiveRecord::Base
     USERNAME_DISCARDED_CHAR_REGEX = /[^A-Za-z\d_]/
     USERNAME_MAX_LENGTH = 50
     SYNC_ATTRIBUTES = [
+      :openstax_uid,
       :username,
       :first_name,
       :last_name,
@@ -13,27 +13,12 @@ module OpenStax::Accounts
       :faculty_status,
       :school_type,
       :salesforce_contact_id,
-      :uuid,
       :support_identifier,
       :is_test
     ]
     attr_accessor :syncing
-    has_many :group_owners, dependent: :destroy,
-             class_name: 'OpenStax::Accounts::GroupOwner',
-             primary_key: :openstax_uid,
-             foreign_key: :user_id,
-             inverse_of: :user
-    has_many :groups_as_owner, through: :group_owners, source: :group
-    has_many :group_members, dependent: :destroy,
-             class_name: 'OpenStax::Accounts::GroupMember',
-             primary_key: :openstax_uid,
-             foreign_key: :user_id,
-             inverse_of: :user
-    has_many :groups_as_member, through: :group_members, source: :group
     enum faculty_status: [:no_faculty_info, :pending_faculty, :confirmed_faculty, :rejected_faculty]
     enum role: [
       :unknown_role,
@@ -50,8 +35,6 @@ module OpenStax::Accounts
     validates :faculty_status, :role, :school_type, presence: true
-    validates :openstax_uid, uniqueness: { allow_nil: true }
-    validates :username, uniqueness: { allow_nil: true }
     validates :uuid, presence: true, uniqueness: true
     validates :support_identifier, uniqueness: { allow_nil: true }
@@ -98,6 +81,5 @@ module OpenStax::Accounts
     def update_openstax_accounts
       OpenStax::Accounts::Api.update_account(self)
     end
   end
 end

data/app/models/openstax/accounts/anonymous_account.rb CHANGED

@@ -1,7 +1,6 @@
 module OpenStax
   module Accounts
     class AnonymousAccount < Account
       include Singleton
       before_save { false }
@@ -9,6 +8,7 @@ module OpenStax
       def initialize(attributes=nil)
         super
         self.id           = nil
+        self.uuid         = nil
         self.openstax_uid = nil
         self.username     = 'anonymous'
         self.first_name   = 'Guest'
@@ -18,7 +18,6 @@ module OpenStax
       def is_anonymous?
         true
       end
     end
   end
 end

data/app/routines/openstax/accounts/dev/create_account.rb CHANGED

@@ -1,5 +1,4 @@
-# Routine for creating an account, only for use when stubbing and
-# not on production.
+# Routine for creating an account, only for use when stubbing and not on production.
 module OpenStax
   module Accounts
@@ -11,30 +10,33 @@ module OpenStax
         def exec(inputs={})
           fatal_error(code: :cannot_create_account_in_production) if Rails.env.production?
-          fatal_error(code: :can_only_create_account_when_stubbing) if !OpenStax::Accounts.configuration.enable_stubbing?
+          fatal_error(code: :can_only_create_account_when_stubbing) \
+            unless OpenStax::Accounts.configuration.enable_stubbing?
           username = inputs[:username]
-          while username.nil? || Account.where(username: username).exists? do
-            username = SecureRandom.hex(3).to_s
+          if username.blank?
+            while username.blank? || Account.where(username: username).exists? do
+              username = SecureRandom.hex(3).to_s
+            end
+          else
+            fatal_error(
+              code: :account_already_exists,
+              message: "One or more accounts with username \"#{username}\" already exist."
+            ) if Account.where(username: username).exists?
           end
-          account = OpenStax::Accounts::Account.new
-          account.openstax_uid = -SecureRandom.hex(4).to_i(16)/2
-          account.access_token = SecureRandom.hex.to_s
-          account.username = username
-          account.role = inputs[:role] || :unknown_role
-          account.uuid = SecureRandom.uuid
-          account.support_identifier = "cs_#{SecureRandom.hex(4)}"
-          account.is_test = true
-          account.save
-          transfer_errors_from(account, {type: :verbatim}, true)
-          outputs[:account] = account
+          outputs.account = OpenStax::Accounts::Account.create(
+            openstax_uid: -SecureRandom.hex(4).to_i(16)/2,
+            access_token: SecureRandom.hex.to_s,
+            username: username,
+            role: inputs[:role] || :unknown_role,
+            uuid: SecureRandom.uuid,
+            support_identifier: "cs_#{SecureRandom.hex(4)}",
+            is_test: true
+          )
+          transfer_errors_from(outputs.account, {type: :verbatim}, true)
         end
       end
     end
   end

data/app/routines/openstax/accounts/find_or_create_account.rb CHANGED

@@ -1,7 +1,6 @@
 module OpenStax
   module Accounts
     class FindOrCreateAccount
       lev_routine
       protected
@@ -16,31 +15,27 @@ module OpenStax
         if OpenStax::Accounts.configuration.enable_stubbing
           # We can only stub finding by username b/c accounts-rails doesn't persist emails
-          id = Account.find_by(username: username).try!(:openstax_uid) ||
-               -SecureRandom.hex(4).to_i(16)/2
-          uuid = SecureRandom.uuid
+          uuid = Account.find_by(username: username)&.uuid || SecureRandom.uuid
+          openstax_uid = -SecureRandom.hex(4).to_i(16)/2
           support_identifier = "cs_#{SecureRandom.hex(4)}"
         else
-          response = Api.find_or_create_account(
+          response = OpenStax::Accounts::Api.find_or_create_account(
             email: email, username: username, password: password,
             first_name: first_name, last_name: last_name, full_name: full_name,
             salesforce_contact_id: salesforce_contact_id, faculty_status: faculty_status,
-            role: role, school_type: school_type, is_test: is_test)
+            role: role, school_type: school_type, is_test: is_test
+          )
           fatal_error(code: :invalid_inputs) unless (200..202).include?(response.status)
           struct = OpenStruct.new
           Api::V1::UnclaimedAccountRepresenter.new(struct).from_json(response.body)
-          id = struct.id
+          openstax_uid = struct.id
           uuid = struct.uuid
           support_identifier = struct.support_identifier
         end
-        account = Account.find_or_initialize_by(openstax_uid: id)
-        unless account.persisted?
-          while username.nil? || Account.where(username: username).exists? do
-            username = SecureRandom.hex(3).to_s
-          end
+        outputs.account = Account.find_or_create_by(uuid: uuid) do |account|
+          account.openstax_uid = openstax_uid
           account.username = username
           account.first_name = first_name
           account.last_name = last_name
@@ -50,16 +45,12 @@ module OpenStax
           account.faculty_status = faculty_status || :no_faculty_info
           account.role = role || :unknown_role
           account.school_type = school_type || :unknown_school_type
-          account.uuid = uuid
           account.support_identifier = support_identifier
           account.is_test = is_test
-          account.save!
         end
-        transfer_errors_from(account, {type: :verbatim}, true)
-        outputs.account = account
+        transfer_errors_from outputs.account, { type: :verbatim }, true
       end
     end
   end
 end

data/app/routines/openstax/accounts/find_or_create_from_sso.rb CHANGED

@@ -1,23 +1,17 @@
 module OpenStax
   module Accounts
     class FindOrCreateFromSso
       lev_routine express_output: :account
       def exec(attrs)
         attrs.stringify_keys!
         uid = attrs.delete('id')
         uuid = attrs.delete('uuid')
-        account = Account.find_or_initialize_by(
-          uuid: uuid, openstax_uid: uid
-        )
-        account.update_attributes!(
-          attrs.slice(*Account.column_names)
-        )
+        account = Account.find_or_initialize_by(uuid: uuid)
+        account.update_attributes!(attrs.slice(*Account.column_names))
         transfer_errors_from(account, {type: :verbatim})
         outputs.account = account
       end
     end
   end
 end