osso 0.0.3.2 → 0.0.3.7

data/lib/osso/graphql/mutations/create_enterprise_account.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Osso
+  module GraphQL
+    module Mutations
+      class CreateEnterpriseAccount < BaseMutation
+        null false
+
+        argument :domain, String, required: true
+        argument :name, String, required: true
+
+        field :enterprise_account, Types::EnterpriseAccount, null: false
+        field :errors, [String], null: false
+
+        def resolve(**args)
+          enterprise_account = Osso::Models::EnterpriseAccount.new(args)
+
+          return response_data(enterprise_account: enterprise_account) if enterprise_account.save
+
+          response_error(errors: enterprise_account.errors.full_messages)
+        end
+      end
+    end
+  end
+end

data/lib/osso/graphql/mutations/create_identity_provider.rb

@@ -1,24 +1,30 @@
 # frozen_string_literal: true
 
-module Mutations
-  class CreateIdentityProvider < BaseMutation
-    null false
-    argument :enterprise_account_id, ID, required: true
-    argument :provider_service, Types::IdentityProviderService, required: true
+module Osso
+  module GraphQL
+    module Mutations
+      class CreateIdentityProvider < BaseMutation
+        null false
 
-    field :identity_provider, Types::IdentityProvider, null: false
-    field :errors, [String], null: false
+        argument :enterprise_account_id, ID, required: true
+        argument :service, Types::IdentityProviderService, required: false
 
-    def resolve(enterprise_account_id:, provider_service:)
-      enterprise_account = Osso::Models::EnterpriseAccount.find(enterprise_account_id)
-      identity_provider = enterprise_account.saml_providers.create!(
-        provider: provider_service || 'OKTA',
-        domain: enterprise_account.domain,
-      )
+        field :identity_provider, Types::IdentityProvider, null: false
+        field :errors, [String], null: false
 
-      return_data(identity_provider: identity_provider)
-    rescue StandardError => e
-      return_error(errors: e.full_message)
+        def resolve(enterprise_account_id:, service: nil)
+          enterprise_account = Osso::Models::EnterpriseAccount.find(enterprise_account_id)
+          identity_provider = enterprise_account.identity_providers.build(
+            enterprise_account_id: enterprise_account_id,
+            service: service,
+            domain: enterprise_account.domain,
+          )
+
+          return response_data(identity_provider: identity_provider) if identity_provider.save
+
+          response_error(errors: identity_provider.errors.full_messages)
+        end
+      end
     end
   end
 end

data/lib/osso/graphql/mutations/set_identity_provider.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Osso
+  module GraphQL
+    module Mutations
+      class SetSamlProvider < BaseMutation
+        null false
+
+        argument :provider, Types::IdentityProviderService, required: true
+        argument :id, ID, required: true
+
+        field :identity_provider, Types::IdentityProvider, null: false
+        field :errors, [String], null: false
+
+        def resolve(provider:, id:)
+          identity_provider = Osso::Models::IdentityProvider.find(id)
+          identity_provider.service = provider
+          identity_provider.save!
+          {
+            identity_provider: identity_provider,
+            errors: [],
+          }
+        end
+      end
+    end
+  end
+end

data/lib/osso/graphql/query.rb

@@ -1,28 +1,25 @@
 # frozen_string_literal: true
 
-module Types
-  class QueryType < GraphQL::Schema::Object
-    # field :node, field: GraphQL::Relay::Node.field
-    field :enterprise_account, null: false, resolver: Resolvers::EnterpriseAccount do
-      argument :domain, String, required: true
-    end
-    field :enterprise_accounts, null: true, resolver: Resolvers::EnterpriseAccounts
-    field :oauth_clients, null: true, resolver: Resolvers::OAuthClients
+module Osso
+  module GraphQL
+    module Types
+      class QueryType < ::GraphQL::Schema::Object
+        field :enterprise_accounts, null: true, resolver: Resolvers::EnterpriseAccounts
+        field :oauth_clients, null: true, resolver: Resolvers::OAuthClients
 
-    field(
-      :identity_provider,
-      Types::IdentityProvider,
-      null: true,
-      resolve: ->(_obj, args, _context) { Osso::Models::SamlProvider.find(args[:id]) },
-    ) do
-      argument :id, ID, required: true
-    end
+        field :enterprise_account, null: true, resolver: Resolvers::EnterpriseAccount do
+          argument :domain, String, required: true
+        end
 
-    # field(
-    #   :viewer,
-    #   Types::User,
-    #   null: true,
-    #   resolve: ->(_obj, _args, context) { context[:current_user] },
-    # )
+        field(
+          :identity_provider,
+          Types::IdentityProvider,
+          null: true,
+          resolve: ->(_obj, args, _context) { Osso::Models::IdentityProvider.find(args[:id]) },
+        ) do
+          argument :id, ID, required: true
+        end
+      end
+    end
   end
 end

data/lib/osso/graphql/resolvers.rb

@@ -1,6 +1,10 @@
 # frozen_string_literal: true
 
-module Resolvers
+module Osso
+  module GraphQL
+    module Resolvers
+    end
+  end
 end
 
 require_relative 'resolvers/enterprise_account'

data/lib/osso/graphql/resolvers/enterprise_account.rb

@@ -1,21 +1,25 @@
 # frozen_string_literal: true
 
-module Resolvers
-  class EnterpriseAccount < GraphQL::Schema::Resolver
-    type Types::EnterpriseAccount, null: false
+module Osso
+  module GraphQL
+    module Resolvers
+      class EnterpriseAccount < ::GraphQL::Schema::Resolver
+        type Types::EnterpriseAccount, null: false
 
-    def resolve(args)
-      return unless admin? || enterprise_authorized?(args[:domain])
+        def resolve(args)
+          return unless admin? || enterprise_authorized?(args[:domain])
 
-      Osso::Models::EnterpriseAccount.find_by(domain: args[:domain])
-    end
+          Osso::Models::EnterpriseAccount.find_by(domain: args[:domain])
+        end
 
-    def admin?
-      context[:scope] == :admin
-    end
+        def admin?
+          context[:scope] == :admin
+        end
 
-    def enterprise_authorized?(domain)
-      context[:scope] == domain
+        def enterprise_authorized?(domain)
+          context[:scope] == domain
+        end
+      end
     end
   end
 end

data/lib/osso/graphql/resolvers/enterprise_accounts.rb

@@ -1,13 +1,17 @@
 # frozen_string_literal: true
 
-module Resolvers
-  class EnterpriseAccounts < GraphQL::Schema::Resolver
-    type [Types::EnterpriseAccount], null: true
+module Osso
+  module GraphQL
+    module Resolvers
+      class EnterpriseAccounts < ::GraphQL::Schema::Resolver
+        type [Types::EnterpriseAccount], null: true
 
-    def resolve
-      return Osso::Models::EnterpriseAccount.all if context[:scope] == :admin
+        def resolve
+          return Osso::Models::EnterpriseAccount.all if context[:scope] == :admin
 
-      Array(Osso::Models::EnterpriseAccount.find_by(domain: context[:scope]))
+          Array(Osso::Models::EnterpriseAccount.find_by(domain: context[:scope]))
+        end
+      end
     end
   end
 end

data/lib/osso/graphql/resolvers/oauth_clients.rb

@@ -1,11 +1,15 @@
 # frozen_string_literal: true
 
-module Resolvers
-  class OAuthClients < GraphQL::Schema::Resolver
-    type [Types::OAuthClient], null: true
+module Osso
+  module GraphQL
+    module Resolvers
+      class OAuthClients < ::GraphQL::Schema::Resolver
+        type [Types::OAuthClient], null: true
 
-    def resolve
-      return Osso::Models::OAuthClient.all if context[:scope] == :admin
+        def resolve
+          return Osso::Models::OauthClient.all if context[:scope] == :admin
+        end
+      end
     end
   end
 end

data/lib/osso/graphql/schema.rb

@@ -11,28 +11,36 @@ GraphQL::Relay::BaseConnection.register_connection_implementation(
   GraphQL::Relay::RelationConnection,
 )
 
-class OssoSchema < GraphQL::Schema
-  query Types::QueryType
-  mutation Types::MutationType
-  use GraphQL::Pagination::Connections
+module Osso
+  module GraphQL
+    class Schema < ::GraphQL::Schema
+      use ::GraphQL::Pagination::Connections
+      query Types::QueryType
+      mutation Types::MutationType
 
-  def self.id_from_object(object, _type_definition = nil, _query_ctx = nil)
-    GraphQL::Schema::UniqueWithinType.encode(object.class.name, object.id)
-  end
+      def self.id_from_object(object, _type_definition = nil, _query_ctx = nil)
+        GraphQL::Schema::UniqueWithinType.encode(object.class.name, object.id)
+      end
 
-  def self.object_from_id(id, _query_ctx = nil)
-    class_name, item_id = GraphQL::Schema::UniqueWithinType.decode(id)
-    Object.const_get(class_name).find(item_id)
-  end
+      def self.object_from_id(id, _query_ctx = nil)
+        class_name, item_id = GraphQL::Schema::UniqueWithinType.decode(id)
+        Object.const_get(class_name).find(item_id)
+      end
+
+      def self.resolve_type(_type, obj, _ctx)
+        case obj
+        when Osso::Models::EnterpriseAccount
+          Types::EnterpriseAccount
+        when Osso::Models::IdentityProvider
+          Types::IdentityProvider
+        else
+          raise("Unexpected object: #{obj}")
+        end
+      end
 
-  def self.resolve_type(_type, obj, _ctx)
-    case obj
-    when Osso::Models::EnterpriseAccount
-      Types::EnterpriseAccount
-    when Osso::Models::SamlProvider
-      Types::IdentityProvider
-    else
-      raise("Unexpected object: #{obj}")
+      def self.unauthorized_object(error)
+        raise ::GraphQL::ExecutionError, "An object of type #{error.type.graphql_name} was hidden due to permissions"
+      end
     end
   end
 end

data/lib/osso/graphql/types.rb

@@ -1,10 +1,13 @@
 # frozen_string_literal: true
 
-module Types
+module Osso
+  module Types
+  end
 end
 
 require_relative 'types/base_object'
 require_relative 'types/base_enum'
+require_relative 'types/base_input_object'
 require_relative 'types/identity_provider_service'
 require_relative 'types/identity_provider'
 require_relative 'types/enterprise_account'

data/lib/osso/graphql/types/base_enum.rb

@@ -1,6 +1,10 @@
 # frozen_string_literal: true
 
-module Types
-  class BaseEnum < GraphQL::Schema::Enum
+module Osso
+  module GraphQL
+    module Types
+      class BaseEnum < ::GraphQL::Schema::Enum
+      end
+    end
   end
 end

data/lib/osso/graphql/types/base_input_object.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module Osso
+  module GraphQL
+    module Types
+      class BaseInputObject < ::GraphQL::Schema::InputObject
+      end
+    end
+  end
+end

data/lib/osso/graphql/types/base_object.rb

@@ -2,7 +2,11 @@
 
 require 'graphql'
 
-module Types
-  class BaseObject < GraphQL::Schema::Object
+module Osso
+  module GraphQL
+    module Types
+      class BaseObject < ::GraphQL::Schema::Object
+      end
+    end
   end
 end

data/lib/osso/graphql/types/enterprise_account.rb

@@ -2,28 +2,32 @@
 
 require 'graphql'
 
-module Types
-  class EnterpriseAccount < Types::BaseObject
-    description 'An Account for a company that wishes to use SAML via Osso'
-    implements GraphQL::Types::Relay::Node
+module Osso
+  module GraphQL
+    module Types
+      class EnterpriseAccount < Types::BaseObject
+        description 'An Account for a company that wishes to use SAML via Osso'
+        implements ::GraphQL::Types::Relay::Node
 
-    global_id_field :gid
-    field :id, ID, null: false
-    field :name, String, null: false
-    field :domain, String, null: false
-    field :identity_providers, [Types::IdentityProvider], null: true
-    field :status, String, null: false
+        global_id_field :gid
+        field :id, ID, null: false
+        field :name, String, null: false
+        field :domain, String, null: false
+        field :identity_providers, [Types::IdentityProvider], null: true
+        field :status, String, null: false
 
-    def name
-      object.domain.gsub('.com', '')
-    end
+        def status
+          'active'
+        end
 
-    def status
-      'active'
-    end
+        def identity_providers
+          object.identity_providers
+        end
 
-    def identity_providers
-      object.saml_providers
+        def self.authorized?(object, context)
+          super && (context[:scope] == :admin || object.domain == context[:scope])
+        end
+      end
     end
   end
 end

data/lib/osso/graphql/types/identity_provider.rb

@@ -2,35 +2,36 @@
 
 require 'graphql'
 
-module Types
-  class IdentityProvider < Types::BaseObject
-    description 'Represents a SAML based IDP instance for an EnterpriseAccount'
-    implements GraphQL::Types::Relay::Node
+module Osso
+  module GraphQL
+    module Types
+      class IdentityProvider < Types::BaseObject
+        description 'Represents a SAML based IDP instance for an EnterpriseAccount'
+        implements ::GraphQL::Types::Relay::Node
 
-    global_id_field :gid
-    field :id, ID, null: false
-    field :enterprise_Account_id, ID, null: false
-    field :service, Types::IdentityProviderService, null: true
-    field :domain, String, null: false
-    field :acs_url, String, null: false
-    field :sso_url, String, null: true
-    field :sso_cert, String, null: true
-    field :configured, Boolean, null: false
+        global_id_field :gid
+        field :id, ID, null: false
+        field :enterprise_account_id, ID, null: false
+        field :service, Types::IdentityProviderService, null: true
+        field :domain, String, null: false
+        field :acs_url, String, null: false
+        field :sso_url, String, null: true
+        field :sso_cert, String, null: true
+        field :configured, Boolean, null: false
+        field :documentation_pdf_url, String, null: true
 
-    def service
-      @object.provider
-    end
-
-    def configured
-      @object.idp_sso_target_url && @object.idp_cert
-    end
+        def configured
+          !!(@object.sso_url && @object.sso_cert)
+        end
 
-    def sso_cert
-      @object.idp_cert
-    end
+        def documentation_pdf_url
+          ENV['BASE_URL'] + '/identity_provider/documentation/' + @object.id
+        end
 
-    def sso_url
-      @object.idp_sso_target_url
+        def self.authorized?(object, context)
+          super && (context[:scope] == :admin || object.domain == context[:scope])
+        end
+      end
     end
   end
 end