RubyGems - rockstart - Versions diffs - 0.1.0 → 0.1.1 - Mend

rockstart 0.1.0 → 0.1.1

Files changed (240) hide show

data/lib/generators/rockstart/authorization/auth0/templates/spec/requests/auth_spec.rb ADDED

@@ -0,0 +1,94 @@
+# frozen_string_literal: true
+require "rails_helper"
+RSpec.describe "Auth", type: :request do
+  describe "GET /auth/sign_in" do
+    context "as a guest" do
+      it "renders a login form" do
+        get "/auth/sign_in"
+        expect(response).to have_http_status(:success)
+      end
+    end
+    context "as an authenticated user" do
+      let(:authenticated_user) { create(:user) }
+      before do
+        sign_in(authenticated_user)
+      end
+      it "redirects to the dashboard" do
+        get "/auth/sign_in"
+        expect(response).to redirect_to url_for_user_dashboard
+      end
+    end
+  end
+  describe "GET /auth/sign_out" do
+    it "renders a thanks for visiting page" do
+      get "/auth/sign_out"
+      expect(response).to have_http_status(:success)
+    end
+    context "as an authenticated user" do
+      let(:authenticated_user) { create(:user) }
+      before do
+        sign_in(authenticated_user)
+      end
+      it "redirects to the dashboard" do
+        get "/auth/sign_out"
+        expect(response).to redirect_to url_for_user_dashboard
+      end
+    end
+  end
+  describe "POST /auth/auth0" do
+    context "with a generic error" do
+      before do
+        OmniAuth.config.mock_auth[:auth0] = :something_went_wrong
+      end
+      it "redirects to the sign in page with an error message" do
+        post "/auth/auth0"
+        expect(response).to redirect_to("/callback")
+        follow_redirect!
+        expect(response).to redirect_to "/auth/failure?message=something_went_wrong&strategy=auth0"
+        follow_redirect!
+        expect(response).to redirect_to(auth_sign_in_url)
+        follow_redirect!
+        expect(response.body).to have_content(t("auth0.omniauth_error.generic"))
+      end
+    end
+  end
+  describe "DELETE /auth/sign_out" do
+    context "as an authenticated user" do
+      let(:authenticated_user) { create(:user) }
+      before do
+        sign_in(authenticated_user)
+      end
+      it "redirects back to the auth0 logout page with a redirect to the sign out page" do
+        delete "/auth/sign_out"
+        url_for_sign_out = CGI.escape(auth_sign_out_url)
+        expect(response).to redirect_to(
+          "https://auth0-domain/v2/logout?returnTo=#{url_for_sign_out}&client_id=auth0-client-id"
+        )
+      end
+      it "signs out the user" do
+        delete "/auth/sign_out"
+        expect(controller).not_to be_user_signed_in
+        expect(controller.current_user).not_to be_persisted
+      end
+    end
+  end
+end

data/lib/generators/rockstart/authorization/auth0/templates/spec/support/auth_request_helper.rb ADDED

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+# Helpers for Auth0 with request specs
+module AuthRequestHelper
+  def self.included(base)
+    base.before(:all) do
+      OmniAuth.config.test_mode = true
+    end
+    base.after(:each) do
+      OmniAuth.config.mock_auth[:auth0] = nil
+    end
+  end
+  def sign_in(resource)
+    OmniAuth.config.mock_auth[:auth0] = OmniAuth::AuthHash.new(resource.to_h)
+    post "/auth/auth0"
+    follow_redirect! # call the callback endpoint
+  end
+  def sign_out(_resource)
+    delete auth_sign_out_path
+  end
+end
+RSpec.configure do |config|
+  config.include AuthRequestHelper, type: :request
+end

data/lib/generators/rockstart/authorization/authorization_generator.rb ADDED

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+require "rockstart/generators/class_option_helpers"
+class Rockstart::AuthorizationGenerator < Rails::Generators::Base
+  include Rockstart::Generators::ClassOptionHelpers
+  auth0_class_option
+  devise_class_option
+  pundit_class_option
+  def generate_auth0
+    return unless auth0?
+    generate "rockstart:authorization:auth0"
+  end
+  def generate_devise
+    return unless devise?
+    generate "rockstart:authorization:devise", pundit_option
+  end
+  def generate_pundit
+    return unless pundit?
+    generate "rockstart:authorization:pundit", auth0_option
+  end
+end

data/lib/generators/rockstart/{devise → authorization/devise}/USAGE RENAMED

@@ -2,8 +2,10 @@ Description:
     Installs Device for User Authentication
 Example:
-    rails generate rockstart:devise
+    rails generate rockstart:authorization:devise
     This will create:
         A basic devise Install
         A User model with a UUID primary key
+        Custom Controllers for managing a Session/Profile
+        Test Coverage of the Devise installation

data/lib/generators/rockstart/authorization/devise/devise_generator.rb ADDED

@@ -0,0 +1,208 @@
+# frozen_string_literal: true
+require "rockstart/base_generator"
+require "rockstart/generators/migration_helpers"
+module Rockstart::Authorization
+  class DeviseGenerator < Rockstart::BaseGenerator
+    include Rockstart::Generators::MigrationHelpers
+    source_root File.expand_path("templates", __dir__)
+    class_option :devise_layout, type: :string,
+                                 desc: "Custom layout used by all devise controllers",
+                                 default: "application"
+    pundit_class_option
+    def add_user_model
+      directory "models", "app/models"
+      migration_template "create_user_migration.rb.tt", "db/migrate/create_users.rb"
+      migration_template "add_devise_to_users_migration.rb.tt", "db/migrate/add_devise_to_users.rb"
+    end
+    def install_devise
+      Dir.mktmpdir do |dir|
+        generate_devise_install(dir)
+        directory File.join(dir, "config"), "config"
+      end
+    rescue LoadError
+      abort("Please install devise gem!!!") if behavior == :invoke
+    end
+    def add_devise_controllers
+      Dir.mktmpdir do |dir|
+        generate_devise_controllers(dir)
+        add_pundit_support(dir) if pundit?
+        devise_controllers.each do |controller|
+          copy_file File.join(dir, controller_path(controller)), controller_path(controller)
+        end
+      end
+    rescue LoadError
+      abort("Please install devise gem!!!") if behavior == :invoke
+    end
+    def generate_routes
+      route <<~USER_ROUTE
+        devise_for :users, controllers: {
+          sessions: "users/sessions",
+          passwords: "users/passwords",
+          registrations: "users/registrations"
+        }
+      USER_ROUTE
+    end
+    def add_rspec_coverage
+      directory "spec"
+    end
+    def update_application_url_concerns
+      change_application_url("url_for_authentication", "new_user_session_path")
+    end
+    private
+    def generate_devise_install(dir)
+      initializer = build_devise_install_generator(dir)
+      initializer.invoke_all
+      update_initializer(dir)
+      make_devise_paranoid(dir)
+      send_email_on_email_change(dir)
+      send_email_on_password_change(dir)
+      add_translations(dir)
+    end
+    def build_devise_install_generator(dir)
+      require "generators/devise/install_generator"
+      initializer = ::Devise::Generators::InstallGenerator.new(
+        report_stream: StringIO.new
+      )
+      initializer.destination_root = dir
+      initializer
+    end
+    def update_initializer(dir)
+      gsub_file devise_initializer(dir),
+                /config\.mailer_sender = ['"][^'"]+['']/,
+                'config.mailer_sender = ENV.fetch("DEVISE_MAILER_SENDER",' \
+                " Rails.application.credentials.devise_mailer_sender)"
+      gsub_file devise_initializer(dir),
+                /config\.secret_key = ['"][^'"]+['']/,
+                'config.secret_key = ENV.fetch("DEVISE_SECRET_KEY")'
+      gsub_file devise_initializer(dir),
+                /config\.pepper = ['"][^'"]+['']/,
+                'config.pepper = ENV.fetch("DEVISE_PEPPER")'
+    end
+    def make_devise_paranoid(dir)
+      gsub_file devise_initializer(dir),
+                /config\.paranoid = (true|false)/,
+                "config.paranoid = true"
+      uncomment_lines devise_initializer(dir), /config\.paranoid = true/
+    end
+    def send_email_on_email_change(dir)
+      gsub_file devise_initializer(dir),
+                /config\.send_email_changed_notification = (true|false)/,
+                "config.send_email_changed_notification = true"
+      uncomment_lines devise_initializer(dir), /config\.send_email_changed_notification = true/
+    end
+    def send_email_on_password_change(dir)
+      gsub_file devise_initializer(dir),
+                /config\.send_password_change_notification = (true|false)/,
+                "config.send_password_change_notification = true"
+      uncomment_lines devise_initializer(dir), /config\.send_password_change_notification = true/
+    end
+    def add_translations(dir)
+      inject_into_file File.join(dir, "config/locales/devise.en.yml"), after: /failure:$/ do
+        "\n      deleted_account: " \
+          "\"You've deleted your account. Please contact support if you want to recover it!\""
+      end
+    end
+    def devise_initializer(dir)
+      File.join(dir, "config", "initializers", "devise.rb")
+    end
+    def generate_devise_controllers(dir)
+      require "generators/devise/controllers_generator"
+      initializer = build_devise_controllers_generator(dir)
+      initializer.scope = "users"
+      initializer.invoke_all
+      devise_controllers.each do |controller|
+        add_layout_to_controller(dir, controller)
+      end
+    end
+    def build_devise_controllers_generator(dir)
+      initializer = ::Devise::Generators::ControllersGenerator.new(
+        report_stream: StringIO.new
+      )
+      initializer.destination_root = dir
+      initializer.source_paths.insert(1, File.join(self.class.source_root, "controllers"))
+      initializer
+    end
+    def add_layout_to_controller(dir, controller)
+      inject_into_file File.join(dir, controller_path(controller)), after: /< Devise::.*$/ do
+        "\n  layout \"#{options[:devise_layout]}\"\n"
+      end
+      # Replace Generic resource routes with users
+      gsub_file File.join(dir, controller_path(controller)), "/resource", "/users"
+    end
+    def add_pundit_support(dir)
+      use_pundit_for_update_user_details(dir)
+      add_pudit_authorize_current_user_method(dir)
+      add_pudit_authorize_current_user_callback(dir)
+      add_pudit_error_handling_concern(dir)
+    end
+    # rubocop:disable Layout/LineLength
+    def use_pundit_for_update_user_details(dir)
+      gsub_file File.join(dir, controller_path("registrations")),
+                /\.permit\(:account_update.*\)/,
+                ".permit(:account_update, keys: policy(current_user).permitted_attributes_for_update)"
+    end
+    # rubocop:enable Layout/LineLength
+    def add_pudit_authorize_current_user_method(dir)
+      inject_into_file File.join(dir, controller_path("registrations")), after: "protected\n" do
+        "\n" + <<~'METHOD'.gsub(/([^\n]*)\n/, "  \\1\n")
+          # Ensure the logged in user is able to update or destroy their account
+          def authorize_current_user
+            authorize current_user
+          end
+        METHOD
+      end
+    end
+    def add_pudit_authorize_current_user_callback(dir)
+      inject_into_file File.join(dir, controller_path("registrations")),
+                       after: /before_action :configure_account_update_params.*$/ do
+        "\n  before_action :authorize_current_user, only: %i[edit update destroy]"
+      end
+    end
+    def add_pudit_error_handling_concern(dir)
+      inject_into_file File.join(dir, controller_path("registrations")), after: /< Devise::.*$/ do
+        "\n  include PunditErrorHandling\n"
+      end
+    end
+    def controller_path(controller)
+      File.join("app", "controllers", "users", "#{controller}_controller.rb")
+    end
+    def devise_controllers
+      %w[sessions passwords registrations]
+    end
+  end
+end

data/lib/generators/rockstart/authorization/devise/templates/add_devise_to_users_migration.rb.tt ADDED

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+class AddDeviseToUsers < ActiveRecord::Migration<%= migration_version %>
+  def self.up
+    change_table :users do |t|
+      ## Database authenticatable
+      t.string :email,              null: false, default: ""
+      t.string :encrypted_password, null: false, default: ""
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+      ## Rememberable
+      t.datetime :remember_created_at
+      ## Trackable
+      # t.integer  :sign_in_count, default: 0, null: false
+      # t.datetime :current_sign_in_at
+      # t.datetime :last_sign_in_at
+      # t.inet     :current_sign_in_ip
+      # t.inet     :last_sign_in_ip
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+      ## Lockable
+      # t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+      # Uncomment below if timestamps were not included in your original model.
+      # t.timestamps null: false
+    end
+    add_index :users, :email,                unique: true
+    add_index :users, :reset_password_token, unique: true
+    # add_index :users, :confirmation_token,   unique: true
+    # add_index :users, :unlock_token,         unique: true
+  end
+  def self.down
+    # By default, we don't want to make any assumption about how to roll back a migration when your
+    # model already existed. Please edit below which fields you would like to remove in this migration.
+    raise ActiveRecord::IrreversibleMigration
+  end
+end

data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/passwords_controller.rb RENAMED

File without changes

data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/registrations_controller.rb RENAMED

File without changes

data/lib/generators/rockstart/{devise → authorization/devise}/templates/controllers/sessions_controller.rb RENAMED

File without changes

data/lib/generators/rockstart/{devise → authorization/devise}/templates/create_user_migration.rb.tt RENAMED

File without changes

data/lib/generators/rockstart/{devise → authorization/devise}/templates/models/user.rb RENAMED

@@ -12,7 +12,19 @@ class User < ApplicationRecord
   # admin:boolean
   # deleted_at:datetime
-  delegate :given, :family, to: :namae
+  # Short display name for user
+  def first_name
+    namae.given
+  end
+  # Display image for user
+  def image
+    return unless email?
+    require "digest/md5"
+    hash = Digest::MD5.hexdigest(email.downcase)
+    "https://s.gravatar.com/avatar/#{hash}?s=480"
+  end
   # instead of deleting users, mark them as soft deleted
   def soft_delete
@@ -31,7 +43,7 @@ class User < ApplicationRecord
   def to_s
     # Use the stored name value for labels
-    (name_changed? ? name_was : name) || (id? ? "User ##{id}" : "Guest User")
+    (name_changed? ? name_was : name) || super
   end
   private