rxcms-podio_plugin 0.3.0

data/app/controllers/services_controller.rb

@@ -0,0 +1,153 @@
+class ServicesController < ApplicationController
+  include PluginHelper
+
+  layout false
+
+  before_filter :get_current_user_role
+
+  # Load configuration items (MANDATORY, must be included)
+  APP_CONFIG = HashWithIndifferentAccess.new(YAML.load(File.read(File.expand_path('../../../config/podio/podio_config.yml', __FILE__))))
+
+  # Set current podio workspace
+  # Input
+  # Output
+  def set_current_podio_workspace
+    begin
+
+      if (@curUserRole == 'contentadmin' ||
+          @curUserRole == 'user' ||
+          @curUserRole == 'anonymous' ||
+          @curUserRole == 'loggedin')
+        raise 'unauthorized access'
+      end
+
+      space = params[:space]
+      metaId = Metadata.first({ :conditions => ['key = ? and sites_id = ?', APP_CONFIG[:PODIO_WORKSPACE], session[:accessible_appid]] });
+
+      if (!metaId.nil?)
+        Metadata.update(metaId, { :value => space })
+      else
+        Metadata.create({
+                            :key => "currentWorkspace",
+                            :value => space,
+                            :mime => "plain/text",
+                            :cat => "podio_config",
+                            :sites_id => session[:accessible_appid]
+                        }).save
+      end
+
+      render :json => { "status" => "success" }
+    rescue
+      render :json => { "status" => "failure", "message" => "Unable to set current podio workspace" }
+    end
+  end
+
+  # Get current podio workspace
+  # Input
+  # Output
+  def get_current_podio_workspace
+    begin
+
+      if (@curUserRole == 'contentadmin' ||
+          @curUserRole == 'user' ||
+          @curUserRole == 'anonymous' ||
+          @curUserRole == 'loggedin')
+        raise 'unauthorized access'
+      end
+
+      curWorkspace = Metadata.first({ :conditions => ['key = ? and sites_id = ?', APP_CONFIG[:PODIO_WORKSPACE], session[:accessible_appid]] })
+
+      if (!curWorkspace.nil?)
+        render :json => { "status" => "success", "data" => curWorkspace.value.to_s.strip }
+      else
+        render :json => { "status" => "failure" }
+      end
+    rescue
+      render :json => { "status" => "failure" }
+    end
+  end
+
+  # Get current podio service account user
+  # Input
+  # Output
+  def get_current_podio_user
+    begin
+
+      if (@curUserRole == 'contentadmin' ||
+          @curUserRole == 'user' ||
+          @curUserRole == 'anonymous' ||
+          @curUserRole == 'loggedin')
+        raise 'unauthorized access'
+      end
+
+      serviceAccount = Metadata.first({ :conditions => [
+          "key = ? and sites_id = ?", APP_CONFIG[:SERVICE_ACCOUNT_NAME], session[:accessible_appid]
+      ]})
+
+      if (!serviceAccount.nil?)
+        render :json => { "status" => "success", "data" => serviceAccount.value.strip}
+      else
+        render :json => { "status" => "failure" }
+      end
+    rescue
+      render :json => { "status" => "failure" }
+    end
+  end
+
+  # Update or create podio service account
+  # Input from POST['userObject'], POST['passObject']
+  # Output json string
+  def update_or_create_podio_service_account
+    SymmetricEncryption.load!
+
+    if (@curUserRole == 'contentadmin' ||
+        @curUserRole == 'user' ||
+        @curUserRole == 'anonymous' ||
+        @curUserRole == 'loggedin')
+      raise 'unauthorized access'
+    end
+
+    constServiceAccountInfoKey = APP_CONFIG[:SERVICE_ACCOUNT_NAME]
+    constServiceAccountPassKey = APP_CONFIG[:SERVICE_ACCOUNT_PASS]
+
+    podioUserObj = params[:userObject]
+    podioPassObj = params[:passObject]
+
+    begin
+      fPodioUser = Metadata.where("key = ? and sites_id = ?", constServiceAccountInfoKey, session[:accessible_appid]).first
+      fPodioPass = Metadata.where("key = ? and sites_id = ?", constServiceAccountPassKey, session[:accessible_appid]).first
+
+      if (!fPodioUser.nil?)
+        Metadata.update(fPodioUser.id, podioUserObj)
+      else
+        Metadata.create({
+                            :key => constServiceAccountInfoKey,
+                            :value => podioUserObj['value'],
+                            :cat => podioUserObj['cat'],
+                            :mime => podioUserObj['mime'],
+                            :sites_id => session[:accessible_appid]
+                        }).save!
+      end
+
+      if (!fPodioPass.nil?)
+        podioPassObj['value'] = SymmetricEncryption.encrypt(podioPassObj['value'])
+        Metadata.update(fPodioPass.id, podioPassObj)
+      else
+        Metadata.create({
+                            :key => constServiceAccountPassKey,
+                            :value => SymmetricEncryption.encrypt(podioPassObj['value']),
+                            :cat => podioPassObj['cat'],
+                            :mime => podioPassObj['mime'],
+                            :sites_id => session[:accessible_appid]
+                        }).save!
+      end
+
+      render :json => { :status => "success" }
+    rescue Exception => ex
+      render :json => { :status => "failure", :message => ex.message }
+    end
+  end
+
+  private
+
+end

data/app/controllers/sessions_controller.rb

@@ -0,0 +1,120 @@
+class SessionsController < ApplicationController
+  layout nil
+
+  # Load configuration items (MANDATORY, must be included)
+  APP_CONFIG = HashWithIndifferentAccess.new(YAML.load(File.read(File.expand_path('../../../config/podio/podio_config.yml', __FILE__))))
+
+  # Create_Session as user action
+  def create_session_as_user
+    begin
+      SymmetricEncryption.load!
+
+      constServiceAccountInfoKey = APP_CONFIG[:SERVICE_ACCOUNT_NAME]
+      constServiceAccountPassKey = APP_CONFIG[:SERVICE_ACCOUNT_PASS]
+
+      apiKey = Metadata.first({:conditions => ["key = ? and sites_id = ?", APP_CONFIG[:PODIO_API_KEY], session[:accessible_appid]]
+                              })
+      secretKey = Metadata.first({:conditions => ["key = ? and sites_id = ?", APP_CONFIG[:PODIO_SECRET_KEY], session[:accessible_appid]]
+                                 })
+
+      # Get service user account information from database
+      usrName = Metadata.where("key = ? and sites_id = ?", constServiceAccountInfoKey, session[:accessible_appid]).first
+      usrPass = Metadata.where("key = ? and sites_Id = ?", constServiceAccountPassKey, session[:accessible_appid]).first
+
+      # API key, secret key, user and password credentials are required to proceed; if not, an error is raised
+      if (!usrName.nil? && !usrPass.nil? && !apiKey.nil? && !secretKey.nil?)
+
+        Podio.setup(
+            :api_url => 'https://api.podio.com',
+            :api_key => apiKey.value.strip,
+            :api_secret => secretKey.value.strip
+        )
+
+        # Authenticate using user ID
+        Podio.client.authenticate_with_credentials(usrName.value.strip, SymmetricEncryption.decrypt(usrPass.value.strip))
+
+        # Store authentication session variables
+        session[:podio_access_token] = Podio.client.oauth_token.access_token
+        session[:podio_refresh_token] = Podio.client.oauth_token.refresh_token
+
+        # Store credential hash as cookies
+        cookies.delete(:podio)
+        cookies[:podio] = Digest::SHA2.hexdigest("#{usrName.value.strip}#{usrPass.value.strip}")
+
+        if (!cookies[:url].nil? && !cookies[:url].empty?)
+          redirect_to cookies[:url].to_s
+        else
+          redirect_to "/"
+        end
+      else
+        raise
+      end
+
+    rescue Exception => ex
+
+      raise "#{ex.message}"
+
+    end
+  end
+
+  # End of Create_Session as user action
+  def change_session_as_user
+    begin
+      SymmetricEncryption.load!
+
+      constServiceAccountInfoKey = APP_CONFIG[:SERVICE_ACCOUNT_NAME]
+      constServiceAccountPassKey = APP_CONFIG[:SERVICE_ACCOUNT_PASS]
+
+      apiKey = Metadata.first({:conditions => ["key = ? and sites_id = ?", APP_CONFIG[:PODIO_API_KEY], session[:accessible_appid]]})
+      secretKey = Metadata.first({:conditions => ["key = ? and sites_id = ?", APP_CONFIG[:PODIO_SECRET_KEY], session[:accessible_appid]]})
+
+      # Get service user account information from database
+      usrName = Metadata.where("key = ? and sites_id = ?", constServiceAccountInfoKey, session[:accessible_appid]).first
+      usrPass = Metadata.where("key = ? and sites_id = ?", constServiceAccountPassKey, session[:accessible_appid]).first
+
+      if (!usrName.nil? && !usrPass.nil? && !apiKey.nil? && !secretKey.nil?)
+        Podio.setup(
+            :api_url => 'https://api.podio.com',
+            :api_key => apiKey.value.strip,
+            :api_secret => secretKey.value.strip
+        )
+
+        # Authenticate using user ID
+        Podio.client.authenticate_with_credentials(usrName.value.strip, SymmetricEncryption.decrypt(usrPass.value.strip))
+
+        # Store authentication session variables
+        session[:podio_access_token] = Podio.client.oauth_token.access_token
+        session[:podio_refresh_token] = Podio.client.oauth_token.refresh_token
+
+        # Store credential hash as cookies
+        cookies.delete(:podio)
+        cookies[:podio] = Digest::SHA2.hexdigest("#{usrName.value.strip}#{usrPass.value.strip}")
+
+        render :json => {:status => "success"}
+      else
+        render :json => {:status => "failure"}
+      end
+
+    rescue Exception => ex
+
+      render :json => {:status => "failure"}
+
+    end
+  end
+
+  # Success_Callback, will be called if a session is successfully created
+  # def success_callback
+
+  #  render :text => 'Session created!'
+
+  # end
+
+  # Delete_Session action, will be called if a session is successfully cleared
+  # def delete_session
+
+  #  session.clear
+  #  render :text => 'Session cleared!'
+
+  # end
+
+end

data/app/helpers/plugin_helper.rb

@@ -0,0 +1,30 @@
+module PluginHelper
+
+  def current_user
+    if UserSession.find.nil?
+      @current_user ||= nil
+    else
+      @current_user ||= User.find(UserSession.find.record.id)
+    end
+  end
+
+  # Get current user's role
+  def get_current_user_role
+    @current_user = current_user
+    if (!@current_user.nil?)
+      siteId = session[:accessible_appid]
+      roleId = session[:accessible_roleid]
+
+      if (!siteId.nil? && !roleId.nil?)
+        userRole = Role.find(roleId)
+        @curUserRole = userRole.name
+      else
+        @curUserRole = 'loggedin'
+      end
+
+    else
+      @curUserRole = 'anonymous'
+    end
+  end
+
+end

data/app/models/abstract_application.rb

@@ -0,0 +1,29 @@
+class AbstractApplication < Podio::Application
+
+  def self.get_apps_list_by_space(spaceid)
+    begin
+      Podio::Application.find_all_for_space(spaceid)
+    rescue
+      []
+    end
+  end
+
+  def self.test_authentication?(user, pass)
+    begin
+      Podio.client.authenticate_with_credentials(user, pass)
+      return true
+    rescue
+      return false
+    end
+  end
+
+  def self.app_exists?(appid)
+    begin
+      Podio::Application.find(appid)
+      return true
+    rescue
+      return false
+    end
+  end
+
+end

data/app/models/abstract_item.rb

@@ -0,0 +1,207 @@
+class AbstractItem < Podio::Item
+  # To change this template use File | Settings | File Templates.
+
+  @@abbrErr = "PAI"
+
+  # Find all items in the app
+  def self.range(app_id, external_ids = [{}], attrs = {:order => "ASC", :field => "item_id", :limit => -1, :offset => -1}, filter_by = [{}])
+    #begin
+    #collection = self.find_by_filter_values(app_id, {}, { :limit => 1, :offset => 1 })
+    attrs[:order] = attrs[:order].nil? ? "ASC" : attrs[:order]
+    attrs[:field] = attrs[:field].nil? ? "item_id" : attrs[:field]
+    attrs[:limit] = (attrs[:limit].nil? || attrs[:limit] == -1) ? 30 : attrs[:limit]
+    attrs[:offset] = (attrs[:offset].nil? || attrs[:offset] == -1) ? 0 : attrs[:offset]
+
+    # Check the app if it exists?
+    if (AbstractApplication.app_exists?(app_id) == false)
+      raise "AbstractItem - #{@@abbrErr}001 The app doesn't exist or service account doesn't have access to it"
+    end
+
+    # Start getting data
+    collection = nil
+
+    begin
+      collection = self.find_by_filter_values(app_id, {}, {:limit => attrs[:limit], :offset => attrs[:offset]})
+    rescue
+      raise "AbstractItem - #{@@abbrErr}002 The access to the app was restricted"
+    end
+
+    data = collection[:all]
+
+    tArray = Array.new
+    tAttributes = Array.new
+    # Flag for getting all existent attributes
+    tAttributesFlag = true
+
+    data.each do |item|
+      tHash = Hash.new
+
+      # Populate items into a customized array of items
+      tHash['item_id'] = item.attributes[:item_id]
+      external_ids.each do |id|
+        if (id[:simple])
+          value = field_values_by_external_id(item, id[:external_id], {:simple => true})
+
+          if !value.nil?
+            tHash[id[:external_id]] = value
+            if (tAttributesFlag)
+              tAttributes << id[:external_id]
+            end
+          end
+        else
+          value = field_values_by_external_id(item, id[:external_id], {})
+
+          if !value.nil?
+            tHash[id[:external_id]] = value
+            if (tAttributesFlag)
+              tAttributes << id[:external_id]
+            end
+          end
+        end
+      end
+
+      # Set flag to false to prevent recursively adding fields
+      tAttributesFlag = false
+      tArray << tHash
+
+    end
+
+    #raise "#{tAttributes.count.to_s}"
+
+    # Change and specify datatypes if needed
+    tArray.each do |item|
+      tAttributes.each do |attr|
+        item[attr] = Float(item[attr]) rescue item[attr].to_s
+      end
+    end
+
+    # Sort items in the customized array of items
+    if (attrs[:order] == "ASC")
+      tArray.sort! { |a, b| a[attrs[:field]] <=> b[attrs[:field]] }
+    elsif (attrs[:order] == "DESC")
+      tArray.sort! { |a, b| a[attrs[:field]] <=> b[attrs[:field]] }
+      tArray.reverse!
+    end
+
+    tArray
+    #rescue Exception => ex
+    #raise 'Access denied, please check your podio access permission!'
+    #end
+  end
+
+  # Find all items based on query
+  # def self.all_by_query(app_id, query = {})
+  #	if (query.empty?)
+  #		raise "AbstractItem - #{@@abbrErr}003 Query must not be empty!"
+  #	else
+  #		collection = self.find_by_filter_values(app_id, query)
+  #		collection[:all]
+  #	end
+  # end
+
+  # Find all items with options and query
+  # def self.all_by_query(app_id, query = {}, options = {})
+  #	if (query.empty?)
+  #		raise "AbstractItem - #{@@abbrErr}003 Query must not be empty!"
+  #	else
+  #		collection = self.find_by_filter_values(app_id, query)
+  #		collection[:all]
+  #	end
+  # end
+
+  # Find a range of items with options and query
+  # def self.find_range_by_query(app_id, query = {}, options = {})
+  #	if (query.empty?)
+  #		raise "AbstractItem - #{@@abbrErr}003 Query must not be empty!"
+  #	else
+  #
+  #	end
+  # end
+
+  #
+  # COMMENT SECTION
+  #
+  # CONSTANTS
+  IS_LIKED = :is_liked
+  CREATED_BY = :created_by
+  CREATED_BY_TYPE = :type
+  CREATED_BY_AVATAR = :avatar
+  CREATED_BY_USER_ID = :user_id
+  CREATED_BY_IMAGE = :image
+  CREATED_BY_LAST_SEEN_ON = :last_seen_on
+  CREATED_BY_AVATAR_TYPE = :avatar_type
+  CREATED_BY_NAME = :name
+  CREATED_BY_ID = :id
+  CREATED_BY_AVATAR_ID = :avatar_id
+  CREATED_BY_URL = :url
+  VALUE = :value
+  CREATED_ON = :created_on
+  FILES = :files
+  COMMENT_ID = :comment_id
+  RICH_VALUE = :rich_value
+  LIKE_COUNT = :like_count
+  #
+  #
+  #
+
+  # Find all comments in an item
+  # def self.comments(item_id)
+  #	Podio::Comment.find_all_for('item',item_id)
+  # end
+
+  # Get comment's attribute
+  # def self.comment_attribute(comment, attribute = :value, options = [])
+  #	raw_comment = comment.attributes[attribute]
+  #	if (options.empty?)
+  #		begin
+  #			raw_comment
+  #		rescue
+  #			raise "AbstractItem - #{@@abbrErr}004 Invalid Operation"
+  #		end
+  #	else
+  #		begin
+  #			tHash = Hash.new
+  #			options.each do |t|
+  #				tHash[t] = raw_comment[t]
+  #			end
+  #			tHash
+  #		rescue
+  #			raise "AbstractItem - #{@@abbrErr}004 Invalid Operation"
+  #		end
+  #	end
+  # end
+
+  # Get current database connection name
+  # def self.database_conn_name
+  #	ActiveRecord::Base.connection.adapter_name.downcase
+  # end
+
+  protected
+
+  # Default methods
+  def self.field_values_by_external_id(item, external_id, options = {})
+    if item.attributes[:fields].present?
+      fields = item.attributes[:fields]
+      matched = false
+
+      fields.each do |field|
+        if (field['external_id'] == external_id)
+          values = field['values']
+          matched = true
+          if (options[:simple])
+            return values.first['value']
+          else
+            return values
+          end
+        end
+      end
+
+      if !matched
+        nil
+      end
+    else
+      nil
+    end
+  end
+
+end