RubyGems - rockstart - Versions diffs - 0.1.0 → 0.1.1 - Mend

rockstart 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (240) hide show

data/lib/generators/rockstart/authorization/auth0/templates/spec/requests/auth_spec.rb ADDED

@@ -0,0 +1,94 @@
+# frozen_string_literal: true
+require "rails_helper"
+RSpec.describe "Auth", type: :request do
+  describe "GET /auth/sign_in" do
+    context "as a guest" do
+      it "renders a login form" do
+        get "/auth/sign_in"
+        expect(response).to have_http_status(:success)
+      end
+    end
+    context "as an authenticated user" do
+      let(:authenticated_user) { create(:user) }
+      before do
+        sign_in(authenticated_user)
+      end
+      it "redirects to the dashboard" do
+        get "/auth/sign_in"
+        expect(response).to redirect_to url_for_user_dashboard
+      end
+    end
+  end
+  describe "GET /auth/sign_out" do
+    it "renders a thanks for visiting page" do
+      get "/auth/sign_out"
+      expect(response).to have_http_status(:success)
+    end
+    context "as an authenticated user" do
+      let(:authenticated_user) { create(:user) }
+      before do
+        sign_in(authenticated_user)
+      end
+      it "redirects to the dashboard" do
+        get "/auth/sign_out"
+        expect(response).to redirect_to url_for_user_dashboard
+      end
+    end
+  end
+  describe "POST /auth/auth0" do
+    context "with a generic error" do
+      before do
+        OmniAuth.config.mock_auth[:auth0] = :something_went_wrong
+      end
+      it "redirects to the sign in page with an error message" do
+        post "/auth/auth0"
+        expect(response).to redirect_to("/callback")
+        follow_redirect!
+        expect(response).to redirect_to "/auth/failure?message=something_went_wrong&strategy=auth0"
+        follow_redirect!
+        expect(response).to redirect_to(auth_sign_in_url)
+        follow_redirect!
+        expect(response.body).to have_content(t("auth0.omniauth_error.generic"))
+      end
+    end
+  end
+  describe "DELETE /auth/sign_out" do
+    context "as an authenticated user" do
+      let(:authenticated_user) { create(:user) }
+      before do
+        sign_in(authenticated_user)
+      end
+      it "redirects back to the auth0 logout page with a redirect to the sign out page" do
+        delete "/auth/sign_out"
+        url_for_sign_out = CGI.escape(auth_sign_out_url)
+        expect(response).to redirect_to(
+          "https://auth0-domain/v2/logout?returnTo=#{url_for_sign_out}&client_id=auth0-client-id"
+        )
+      end
+      it "signs out the user" do
+        delete "/auth/sign_out"
+        expect(controller).not_to be_user_signed_in
+        expect(controller.current_user).not_to be_persisted
+      end
+    end
+  end
+end

data/lib/generators/rockstart/authorization/auth0/templates/spec/support/auth_request_helper.rb ADDED

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+# Helpers for Auth0 with request specs
+module AuthRequestHelper
+  def self.included(base)
+    base.before(:all) do
+      OmniAuth.config.test_mode = true
+    end
+    base.after(:each) do
+      OmniAuth.config.mock_auth[:auth0] = nil
+    end
+  end
+  def sign_in(resource)
+    OmniAuth.config.mock_auth[:auth0] = OmniAuth::AuthHash.new(resource.to_h)
+    post "/auth/auth0"
+    follow_redirect! # call the callback endpoint
+  end
+  def sign_out(_resource)
+    delete auth_sign_out_path
+  end
+end
+RSpec.configure do |config|
+  config.include AuthRequestHelper, type: :request
+end

data/lib/generators/rockstart/authorization/authorization_generator.rb ADDED

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+require "rockstart/generators/class_option_helpers"
+class Rockstart::AuthorizationGenerator < Rails::Generators::Base
+  include Rockstart::Generators::ClassOptionHelpers
+  auth0_class_option
+  devise_class_option
+  pundit_class_option
+  def generate_auth0
+    return unless auth0?
+    generate "rockstart:authorization:auth0"
+  end
+  def generate_devise
+    return unless devise?
+    generate "rockstart:authorization:devise", pundit_option
+  end
+  def generate_pundit
+    return unless pundit?
+    generate "rockstart:authorization:pundit", auth0_option
+  end
+end

data/lib/generators/rockstart/{devise → authorization/devise}/USAGE RENAMED

@@ -2,8 +2,10 @@ Description:
     Installs Device for User Authentication
 Example:
-    rails generate rockstart:devise
+    rails generate rockstart:authorization:devise
     This will create:
         A basic devise Install
         A User model with a UUID primary key
+        Custom Controllers for managing a Session/Profile
+        Test Coverage of the Devise installation

data/lib/generators/rockstart/authorization/devise/devise_generator.rb ADDED

@@ -0,0 +1,208 @@
+# frozen_string_literal: true
+require "rockstart/base_generator"
+require "rockstart/generators/migration_helpers"
+module Rockstart::Authorization
+  class DeviseGenerator < Rockstart::BaseGenerator
+    include Rockstart::Generators::MigrationHelpers
+    source_root File.expand_path("templates", __dir__)
+    class_option :devise_layout, type: :string,
+                                 desc: "Custom layout used by all devise controllers",
+                                 default: "application"
+    pundit_class_option
+    def add_user_model
+      directory "models", "app/models"
+      migration_template "create_user_migration.rb.tt", "db/migrate/create_users.rb"
+      migration_template "add_devise_to_users_migration.rb.tt", "db/migrate/add_devise_to_users.rb"
+    end
+    def install_devise
+      Dir.mktmpdir do |dir|
+        generate_devise_install(dir)
+        directory File.join(dir, "config"), "config"
+      end
+    rescue LoadError
+      abort("Please install devise gem!!!") if behavior == :invoke
+    end
+    def add_devise_controllers
+      Dir.mktmpdir do |dir|
+        generate_devise_controllers(dir)
+        add_pundit_support(dir) if pundit?
+        devise_controllers.each do |controller|
+          copy_file File.join(dir, controller_path(controller)), controller_path(controller)
+        end
+      end
+    rescue LoadError
+      abort("Please install devise gem!!!") if behavior == :invoke
+    end
+    def generate_routes
+      route <<~USER_ROUTE
+        devise_for :users, controllers: {
+          sessions: "users/sessions",
+          passwords: "users/passwords",
+          registrations: "users/registrations"
+        }
+      USER_ROUTE
+    end
+    def add_rspec_coverage
+      directory "spec"
+    end
+    def update_application_url_concerns
+      change_application_url("url_for_authentication", "new_user_session_path")
+    end
+    private
+    def generate_devise_install(dir)
+      initializer = build_devise_install_generator(dir)
+      initializer.invoke_all
+      update_initializer(dir)
+      make_devise_paranoid(dir)
+      send_email_on_email_change(dir)
+      send_email_on_password_change(dir)
+      add_translations(dir)
+    end
+    def build_devise_install_generator(dir)
+      require "generators/devise/install_generator"
+      initializer = ::Devise::Generators::InstallGenerator.new(
+        report_stream: StringIO.new
+      )
+      initializer.destination_root = dir
+      initializer
+    end
+    def update_initializer(dir)
+      gsub_file devise_initializer(dir),
+                /config\.mailer_sender = ['"][^'"]+['']/,
+                'config.mailer_sender = ENV.fetch("DEVISE_MAILER_SENDER",' \
+                " Rails.application.credentials.devise_mailer_sender)"
+      gsub_file devise_initializer(dir),
+                /config\.secret_key = ['"][^'"]+['']/,
+                'config.secret_key = ENV.fetch("DEVISE_SECRET_KEY")'
+      gsub_file devise_initializer(dir),
+                /config\.pepper = ['"][^'"]+['']/,
+                'config.pepper = ENV.fetch("DEVISE_PEPPER")'
+    end
+    def make_devise_paranoid(dir)
+      gsub_file devise_initializer(dir),
+                /config\.paranoid = (true|false)/,
+                "config.paranoid = true"
+      uncomment_lines devise_initializer(dir), /config\.paranoid = true/
+    end
+    def send_email_on_email_change(dir)
+      gsub_file devise_initializer(dir),
+                /config\.send_email_changed_notification = (true|false)/,
+                "config.send_email_changed_notification = true"
+      uncomment_lines devise_initializer(dir), /config\.send_email_changed_notification = true/
+    end
+    def send_email_on_password_change(dir)
+      gsub_file devise_initializer(dir),
+                /config\.send_password_change_notification = (true|false)/,
+                "config.send_password_change_notification = true"
+      uncomment_lines devise_initializer(dir), /config\.send_password_change_notification = true/
+    end
+    def add_translations(dir)
+      inject_into_file File.join(dir, "config/locales/devise.en.yml"), after: /failure:$/ do
+        "\n      deleted_account: " \
+          "\"You've deleted your account. Please contact support if you want to recover it!\""
+      end
+    end
+    def devise_initializer(dir)
+      File.join(dir, "config", "initializers", "devise.rb")
+    end
+    def generate_devise_controllers(dir)
+      require "generators/devise/controllers_generator"
+      initializer = build_devise_controllers_generator(dir)
+      initializer.scope = "users"
+      initializer.invoke_all
+      devise_controllers.each do |controller|
+        add_layout_to_controller(dir, controller)
+      end
+    end
+    def build_devise_controllers_generator(dir)
+      initializer = ::Devise::Generators::ControllersGenerator.new(
+        report_stream: StringIO.new
+      )
+      initializer.destination_root = dir
+      initializer.source_paths.insert(1, File.join(self.class.source_root, "controllers"))
+      initializer
+    end
+    def add_layout_to_controller(dir, controller)
+      inject_into_file File.join(dir, controller_path(controller)), after: /< Devise::.*$/ do
+        "\n  layout \"#{options[:devise_layout]}\"\n"
+      end
+      # Replace Generic resource routes with users
+      gsub_file File.join(dir, controller_path(controller)), "/resource", "/users"
+    end
+    def add_pundit_support(dir)
+      use_pundit_for_update_user_details(dir)
+      add_pudit_authorize_current_user_method(dir)
+      add_pudit_authorize_current_user_callback(dir)
+      add_pudit_error_handling_concern(dir)
+    end
+    # rubocop:disable Layout/LineLength
+    def use_pundit_for_update_user_details(dir)
+      gsub_file File.join(dir, controller_path("registrations")),
+                /\.permit\(:account_update.*\)/,
+                ".permit(:account_update, keys: policy(current_user).permitted_attributes_for_update)"
+    end
+    # rubocop:enable Layout/LineLength
+    def add_pudit_authorize_current_user_method(dir)
+      inject_into_file File.join(dir, controller_path("registrations")), after: "protected\n" do
+        "\n" + <<~'METHOD'.gsub(/([^\n]*)\n/, "  \\1\n")
+          # Ensure the logged in user is able to update or destroy their account
+          def authorize_current_user
+            authorize current_user
+          end
+        METHOD
+      end
+    end
+    def add_pudit_authorize_current_user_callback(dir)
+      inject_into_file File.join(dir, controller_path("registrations")),
+                       after: /before_action :configure_account_update_params.*$/ do
+        "\n  before_action :authorize_current_user, only: %i[edit update destroy]"
+      end
+    end
+    def add_pudit_error_handling_concern(dir)
+      inject_into_file File.join(dir, controller_path("registrations")), after: /< Devise::.*$/ do
+        "\n  include PunditErrorHandling\n"
+      end
+    end
+    def controller_path(controller)
+      File.join("app", "controllers", "users", "#{controller}_controller.rb")
+    end
+    def devise_controllers
+      %w[sessions passwords registrations]
+    end
+  end
+end

data/lib/generators/rockstart/authorization/devise/templates/add_devise_to_users_migration.rb.tt ADDED

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+class AddDeviseToUsers < ActiveRecord::Migration<%= migration_version %>
+  def self.up
+    change_table :users do |t|
+      ## Database authenticatable
+      t.string :email,              null: false, default: ""
+      t.string :encrypted_password, null: false, default: ""
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+      ## Rememberable
+      t.datetime :remember_created_at
+      ## Trackable
+      # t.integer  :sign_in_count, default: 0, null: false
+      # t.datetime :current_sign_in_at
+      # t.datetime :last_sign_in_at
+      # t.inet     :current_sign_in_ip
+      # t.inet     :last_sign_in_ip
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+      ## Lockable
+      # t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+      # Uncomment below if timestamps were not included in your original model.
+      # t.timestamps null: false
+    end
+    add_index :users, :email,                unique: true
+    add_index :users, :reset_password_token, unique: true
+    # add_index :users, :confirmation_token,   unique: true
+    # add_index :users, :unlock_token,         unique: true
+  end
+  def self.down
+    # By default, we don't want to make any assumption about how to roll back a migration when your
+    # model already existed. Please edit below which fields you would like to remove in this migration.
+    raise ActiveRecord::IrreversibleMigration
+  end
+end

data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/passwords_controller.rb RENAMED

File without changes

data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/registrations_controller.rb RENAMED

File without changes

data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/sessions_controller.rb RENAMED

File without changes

data/lib/generators/rockstart/{devise → authorization/devise}/templates/create_user_migration.rb.tt RENAMED

File without changes

data/lib/generators/rockstart/{devise → authorization/devise}/templates/models/user.rb RENAMED

@@ -12,7 +12,19 @@ class User < ApplicationRecord
   # admin:boolean
   # deleted_at:datetime
-  delegate :given, :family, to: :namae
+  # Short display name for user
+  def first_name
+    namae.given
+  end
+  # Display image for user
+  def image
+    return unless email?
+    require "digest/md5"
+    hash = Digest::MD5.hexdigest(email.downcase)
+    "https://s.gravatar.com/avatar/#{hash}?s=480"
+  end
   # instead of deleting users, mark them as soft deleted
   def soft_delete
@@ -31,7 +43,7 @@ class User < ApplicationRecord
   def to_s
     # Use the stored name value for labels
-    (name_changed? ? name_was : name) || (id? ? "User ##{id}" : "Guest User")
+    (name_changed? ? name_was : name) || super
   end
   private