sis_core 1.0.5 → 1.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 743af7d896e433bed5589a15d4d71d33e439591e95c4eb498acb8311daa19c4d
-  data.tar.gz: d6d5bec16bb9bcdc8dbfd97f6b53ede9d7cb01018709406b34721e0cd42b3cb6
+  metadata.gz: 7c2e069bab5a79b5ea0e86bc34f9445920cdc3bbf883938f5e2aae454ae38763
+  data.tar.gz: d27da2f1dab2dbaceb1d08ac11486f325e9793f9dfdadd8a18bb9aaa4199e33f
 SHA512:
-  metadata.gz: 024c7d8e0adc5404a3b17a695f16aeeed1055f1a9fcba94d61d1ce1959282fae2610513c8c62752d8cd31534f6335add61d8f21516afdba69cfabec352656564
-  data.tar.gz: 51114f1222ac1c838424d215bc02aa9954a591dbd8a3e2c2204b2f8eea20bffcb2792ebb60ee76f92f79d9a8a02a7d74c386057defdb46aa14593dff1766da85
+  metadata.gz: e5d24cf81adef27efce96ad29dc9b1bfe5e71adb557d9a1f30d255e78a0979d1c7039e518b4658b1602be5ccb4da9d3d649c33c5bc9f39c052ed4ed032277ad5
+  data.tar.gz: 78c398a895cfb1bcb55fddfe7a6bb097d82dd524e9cbeb8ce1e13f1e9ece68f7660c49753ff86c0d5623fa701a51fe157f76d05912aa3eec40cc62a994d0c474

data/app/controllers/sis/core/application_controller.rb

@@ -1,7 +1,15 @@
 module Sis
   module Core
-    class ApplicationController < ActionController::Base
-      protect_from_forgery with: :exception
+    class ApplicationController < ActionController::API
+      before_action :authenticate_request
+      attr_reader :current_user
+
+      private
+
+      def authenticate_request
+        @current_user = AuthorizeRequest.user(request.headers)
+        render json: { error: 'Not Authorized' }, status: 401 unless @current_user
+      end
     end
   end
 end

data/app/controllers/sis/core/menus_controller.rb

@@ -0,0 +1,22 @@
+module Sis
+  module Core
+    class MenusController < ApplicationController
+      skip_before_action :authenticate_request, only: [:menu]
+      def menu
+        app_module_id = ApplicationModule.find_by_code(params[:app_module]).id
+        user_roles = User.find(params[:user_id]).user_roles.where(application_module_id: app_module_id)
+        menus = []
+        user_roles.each do |role|
+          user_menus = role.menus.where(parent_id: nil, application_module_id: app_module_id)
+          user_menus.each do |user_menu|
+            children = user_menu.children.where(parent_id: user_menu.id, application_module_id: app_module_id)
+            children = children.map { |c| { label: c.text, icon: c.icon_cls, routerLink: [c.location] } }
+            menus.push({ label: user_menu.text, icon: user_menu.icon_cls, location: user_menu.location,
+                         items: children })
+          end
+        end
+        render json: { success: true, data: menus }
+      end
+    end
+  end
+end

data/app/controllers/sis/core/users_controller.rb

@@ -0,0 +1,71 @@
+module Sis
+  module Core
+    class UsersController < ApplicationController
+      skip_before_action :authenticate_request, only: %i[login sign_in generate_recovery_token reset_password]
+      before_action :set_user_service, only: %i[generate_recovery_token reset_password]
+      def sign_in
+        applicant = Applicant&.find_by_email(params[:email])
+        if Applicant&.find_by_email(params[:email]) && applicant.authenticate(params[:password])
+          token = JsonWebToken.encode({ id: applicant.id, first_name: applicant.first_name,
+                                        middle_name: applicant.middle_name, last_name: applicant.last_name,
+                                        email: applicant.email })
+          render json: { success: true, jwt: token }
+        else
+          render json: { success: false, errors: ['Invalid username or password !'] }
+        end
+      end
+
+      def create
+        user = User.new(user_params)
+        if user.save
+          render json: { success: true, data: user }
+        else
+          render json: { success: false, errors: user.errors }
+        end
+      end
+
+      def login
+        user = User.find_by_email(params[:email])
+        if User&.find_by_email(params[:email]) && user.authenticate(params[:password])
+          token = JsonWebToken.encode({ id: user.id, first_name: user.first_name, last_name: user.last_name })
+          render json: { success: true, jwt: token }
+        else
+          render json: { success: false, errors: ['Invalid username or password !'] }
+        end
+      end
+
+      def generate_recovery_token
+        user = User.where(email: params[:email], secret_question_answer: params[:secret_question_answer])
+        if user.count.positive?
+          user = user[0]
+          @service.generate_password_token(user)
+          render json: { success: true, token: user.reset_password_token, email: user.email }
+        else
+          render json: { success: false, errors: ['User not found !'] }
+        end
+      end
+
+      def reset_password
+        token = params[:token].to_s
+        user = User.find_by_reset_password_token(token)
+        if user && @service.password_token_valid?(user.id)
+          @service.reset_password(user.id, params[:password])
+          render json: { success: true }
+        else
+          render json: { success: false, errors: ['Link not valid or expired. Try generating a new link !'] }
+        end
+      end
+
+      private
+
+      def user_params
+        params.require('user').permit(:id, :first_name, :last_name, :email, :password, :reset_password_token,
+                                      :reset_password_sent_at, :secret_question, :secret_question_answer)
+      end
+
+      def set_user_service
+        @service = UserService.new
+      end
+    end
+  end
+end

data/app/models/sis/core/academic_year.rb

@@ -1,7 +1,7 @@
 module Sis
   module Core
     class AcademicYear < ApplicationRecord
-      validates :year, presence: true, uniqueness: true, case_sensitive: false
+      validates :year, presence: true, uniqueness: { case_sensitive: false }
     end
   end
 end

data/app/models/sis/core/applicant.rb

@@ -1,8 +1,11 @@
 module Sis
   module Core
     class Applicant < ApplicationRecord
-      validates :full_name, :email, :phone_number, presence: true
+      mount_base64_uploader :photo, PhotoUploader
+      validates :first_name, :middle_name, :last_name, :email, presence: true
       validates :email, uniqueness: true
+
+      has_secure_password
     end
   end
 end

data/app/models/sis/core/application.rb

@@ -36,11 +36,12 @@ module Sis
         end
       end
 
-      validates :full_name, :email, :age, :gender, :nationality, :status, presence: true
+      validates :status, presence: true
       validates :payment_information, presence: true, if: :payment_made
 
       belongs_to :applicant
       belongs_to :academic_programme
+      belongs_to :application_setup
     end
   end
 end

data/app/models/sis/core/application_document.rb

@@ -1,7 +1,7 @@
 module Sis
   module Core
     class ApplicationDocument < ApplicationRecord
-      validates :document, presence: true
+      mount_base64_uploader :document, ApplicationDocumentUploader
 
       belongs_to :application
       belongs_to :document_requirement

data/app/models/sis/core/application_module.rb

@@ -0,0 +1,8 @@
+module Sis
+  module Core
+    class ApplicationModule < ApplicationRecord
+      has_and_belongs_to_many :users
+      validates :code, :name, presence: true
+    end
+  end
+end

data/app/models/sis/core/exam_result.rb

@@ -8,6 +8,8 @@ module Sis
       belongs_to :application
 
       validates :points, presence: true
+      validates_uniqueness_of :application_id, scope: %i[exam_id]
+
 
       before_validation :set_status
 

data/app/models/sis/core/menu.rb

@@ -0,0 +1,11 @@
+module Sis
+  module Core
+    class Menu < ApplicationRecord
+      has_and_belongs_to_many :user_roles
+      belongs_to :application_module
+      belongs_to :parent, class_name: 'Sis::Core::Menu', optional: true
+      has_many :children, class_name: 'Sis::Core::Menu', foreign_key: 'parent_id'
+      validates :text, presence: true
+    end
+  end
+end

data/app/models/sis/core/user.rb

@@ -0,0 +1,13 @@
+module Sis
+  module Core
+    class User < ApplicationRecord
+      validates :first_name, :last_name, :email, presence: true
+      validates :password, presence: true, on: :create
+      validates :email, uniqueness: true
+      has_and_belongs_to_many :application_modules
+      has_and_belongs_to_many :user_roles
+
+      has_secure_password
+    end
+  end
+end

data/app/models/sis/core/user_role.rb

@@ -0,0 +1,10 @@
+module Sis
+  module Core
+    class UserRole < ApplicationRecord
+      validates :name, presence: true
+      has_and_belongs_to_many :users
+      has_and_belongs_to_many :menus
+      belongs_to :application_module
+    end
+  end
+end

data/app/services/sis/core/user_service.rb

@@ -0,0 +1,25 @@
+module Sis
+  module Core
+    class UserService
+      def generate_password_token(user)
+        user.update({ reset_password_token: generate_token, reset_password_sent_at: Time.now.utc })
+      end
+
+      def password_token_valid?(user_id)
+        user = User.find(user_id)
+        (user.reset_password_sent_at + 4.hours) > Time.now.utc
+      end
+
+      def reset_password(user_id, password)
+        user = User.find(user_id)
+        user.reset_password_token = nil
+        user.password = password
+        user.save!
+      end
+
+      def generate_token
+        SecureRandom.hex(10)
+      end
+    end
+  end
+end

data/app/uploaders/sis/core/application_document_uploader.rb

@@ -0,0 +1,51 @@
+module Sis
+  module Core
+    class ApplicationDocumentUploader < CarrierWave::Uploader::Base
+      # Include RMagick or MiniMagick support:
+      # include CarrierWave::RMagick
+      # include CarrierWave::MiniMagick
+
+      # Choose what kind of storage to use for this uploader:
+      storage :file
+      # storage :fog
+
+      # Override the directory where uploaded files will be stored.
+      # This is a sensible default for uploaders that are meant to be mounted:
+      def store_dir
+        "uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
+      end
+
+      # Provide a default URL as a default if there hasn't been a file uploaded:
+      # def default_url(*args)
+      #   # For Rails 3.1+ asset pipeline compatibility:
+      #   # ActionController::Base.helpers.asset_path("fallback/" + [version_name, "default.png"].compact.join('_'))
+      #
+      #   "/images/fallback/" + [version_name, "default.png"].compact.join('_')
+      # end
+
+      # Process files as they are uploaded:
+      # process scale: [200, 300]
+      #
+      # def scale(width, height)
+      #   # do something
+      # end
+
+      # Create different versions of your uploaded files:
+      # version :thumb do
+      #   process resize_to_fit: [50, 50]
+      # end
+
+      # Add a white list of extensions which are allowed to be uploaded.
+      # For images you might use something like this:
+      def extension_whitelist
+        %w[pdf]
+      end
+
+      # Override the filename of the uploaded files:
+      # Avoid using model.id or version_name here, see uploader/store.rb for details.
+      # def filename
+      #   "something.jpg" if original_filename
+      # end
+    end
+  end
+end

data/app/uploaders/sis/core/photo_uploader.rb

@@ -0,0 +1,51 @@
+module Sis
+  module Core
+    class PhotoUploader < CarrierWave::Uploader::Base
+      # Include RMagick or MiniMagick support:
+      # include CarrierWave::RMagick
+      # include CarrierWave::MiniMagick
+
+      # Choose what kind of storage to use for this uploader:
+      storage :file
+      # storage :fog
+
+      # Override the directory where uploaded files will be stored.
+      # This is a sensible default for uploaders that are meant to be mounted:
+      def store_dir
+        "uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
+      end
+
+      # Provide a default URL as a default if there hasn't been a file uploaded:
+      # def default_url(*args)
+      #   # For Rails 3.1+ asset pipeline compatibility:
+      #   # ActionController::Base.helpers.asset_path("fallback/" + [version_name, "default.png"].compact.join('_'))
+      #
+      #   "/images/fallback/" + [version_name, "default.png"].compact.join('_')
+      # end
+
+      # Process files as they are uploaded:
+      # process scale: [200, 300]
+      #
+      # def scale(width, height)
+      #   # do something
+      # end
+
+      # Create different versions of your uploaded files:
+      # version :thumb do
+      #   process resize_to_fit: [50, 50]
+      # end
+
+      # Add a white list of extensions which are allowed to be uploaded.
+      # For images you might use something like this:
+      def extension_whitelist
+        %w[jpg jpeg gif png]
+      end
+
+      # Override the filename of the uploaded files:
+      # Avoid using model.id or version_name here, see uploader/store.rb for details.
+      # def filename
+      #   "something.jpg" if original_filename
+      # end
+    end
+  end
+end

data/config/routes.rb

@@ -1,2 +1,8 @@
 Sis::Core::Engine.routes.draw do
+  resources :users, only: [:create]
+  post '/login', controller: :users, action: :login
+  get '/menus', controller: :menus, action: :menu
+  post '/sign_in', controller: :users, action: :sign_in
+  post '/generate_recovery_token', controller: :users, action: :generate_recovery_token
+  post '/reset_password', controller: :users, action: :reset_password
 end

data/db/migrate/20200106133937_create_sis_core_applicants.rb

@@ -1,9 +1,23 @@
 class CreateSisCoreApplicants < ActiveRecord::Migration[6.0]
   def change
     create_table :sis_core_applicants do |t|
-      t.string :full_name, null: false
-      t.string :email, null: false, unique: true
-      t.string :phone_number, null: false
+      t.string :first_name, null: false
+      t.string :middle_name, null: false
+      t.string :last_name, null: false
+      t.string :password_digest, null: false
+      t.string :email, null: false
+      t.string :alternative_email_address
+      t.string :primary_phone_number
+      t.string :alternative_telephone_number
+      t.date :date_of_birth
+      t.string :gender
+      t.string :nationality
+      t.string :address
+      t.string :photo
+      t.string :reset_password_token
+      t.datetime :reset_password_sent_at
+      t.string :secret_question
+      t.string :secret_question_answer
 
       t.timestamps
     end

data/db/migrate/20200107094449_create_sis_core_applications.rb

@@ -1,14 +1,8 @@
 class CreateSisCoreApplications < ActiveRecord::Migration[6.0]
   def change
     create_table :sis_core_applications do |t|
-      t.string :full_name, null: false
-      t.string :email, null: false
-      t.integer :age, null: false
-      t.string :gender, null: false
-      t.string :nationality, null: false
       t.string :status, null: false, default: 'Draft'
       t.boolean :payment_made, null: false, default: false
-      t.string :address
       t.string :payment_information
       t.date :application_date
       t.references :applicant,
@@ -19,6 +13,10 @@ class CreateSisCoreApplications < ActiveRecord::Migration[6.0]
                    null: false,
                    index: { name: 'applications_on_ap_indx' },
                    foreign_key: { to_table: :sis_core_academic_programmes }
+      t.references :application_setup,
+                   null: false,
+                   index: { name: 'application_setup_on_ap_indx' },
+                   foreign_key: { to_table: :sis_core_application_setups }
 
       t.timestamps
     end

data/db/migrate/20200107101638_create_sis_core_application_documents.rb

@@ -1,7 +1,7 @@
 class CreateSisCoreApplicationDocuments < ActiveRecord::Migration[6.0]
   def change
     create_table :sis_core_application_documents do |t|
-      t.string :document, null: false
+      t.string :document
       t.references :document_requirement,
                    null: false,
                    index: { name: 'ad_on_adr_indx' },

data/db/migrate/20200507114003_create_sis_core_users.rb

@@ -0,0 +1,17 @@
+class CreateSisCoreUsers < ActiveRecord::Migration[6.0]
+  def change
+    create_table :sis_core_users do |t|
+      t.string :first_name, null: false
+      t.string :last_name, null: false
+      t.string :email, null: false
+      t.boolean :active, default: true
+      t.string :password_digest, null: false
+      t.string :reset_password_token
+      t.datetime :reset_password_sent_at
+      t.string :secret_question
+      t.string :secret_question_answer
+
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20200511165121_create_sis_core_application_modules.rb

@@ -0,0 +1,15 @@
+class CreateSisCoreApplicationModules < ActiveRecord::Migration[6.0]
+  def change
+    create_table :sis_core_application_modules do |t|
+      t.string :code, null: false
+      t.string :name, null: false
+
+      t.timestamps
+    end
+
+    create_table :sis_core_application_modules_users, id: false do |t|
+      t.belongs_to :application_module, index: { name: 'app_module_on_app_modules_usr_indx' }
+      t.belongs_to :user, index: { name: 'usr_on_app_modules_usr_indx' }
+    end
+  end
+end

data/db/migrate/20200511165241_create_sis_core_user_roles.rb

@@ -0,0 +1,15 @@
+class CreateSisCoreUserRoles < ActiveRecord::Migration[6.0]
+  def change
+    create_table :sis_core_user_roles do |t|
+      t.string :name, null: false
+      t.references :application_module, index: { name: 'app_module_on_usr_role_indx' }
+
+      t.timestamps
+    end
+
+    create_table :sis_core_user_roles_users, id: false do |t|
+      t.belongs_to :user, index: { name: 'usr_on_usr_role_usrs_indx' }
+      t.belongs_to :user_role, index: { name: 'usr_role_on_usr_role_usrs_indx' }
+    end
+  end
+end

data/db/migrate/20200511165450_create_sis_core_menus.rb

@@ -0,0 +1,18 @@
+class CreateSisCoreMenus < ActiveRecord::Migration[6.0]
+  def change
+    create_table :sis_core_menus do |t|
+      t.string :text, null: false
+      t.string :icon_cls
+      t.string :location
+      t.integer :parent_id
+      t.references :application_module, index: { name: 'app_module_on_menus_indx' }
+
+      t.timestamps
+    end
+
+    create_table :sis_core_menus_user_roles, id: false do |t|
+      t.belongs_to :menu, index: { name: 'menu_on_menus_usr_role_indx' }
+      t.belongs_to :user_role, index: { name: 'usr_role_on_menus_usr_role_indx' }
+    end
+  end
+end

data/lib/authorize_request.rb

@@ -0,0 +1,18 @@
+class AuthorizeRequest
+  class << self
+    def user(headers)
+      @user ||= User.find(decoded_auth_token(headers)[:id]) if decoded_auth_token(headers)
+      @user || nil
+    end
+
+    def decoded_auth_token(headers)
+      @decoded_auth_token ||= JsonWebToken.decode(http_auth_header(headers)) if http_auth_header(headers)
+    end
+
+    def http_auth_header(headers)
+      return headers['Authorization'].split(' ').last if headers['Authorization'].present?
+
+      nil
+    end
+  end
+end

data/lib/json_web_token.rb

@@ -0,0 +1,12 @@
+class JsonWebToken
+  class << self
+    def encode(payload)
+      JWT.encode(payload, Rails.application.secrets.secret_key_base)
+    end
+
+    def decode(token)
+      body = JWT.decode(token, Rails.application.secrets.secret_key_base)[0]
+      HashWithIndifferentAccess.new body
+    end
+  end
+end

data/lib/sis/core/engine.rb

@@ -4,6 +4,8 @@ module Sis
       isolate_namespace Sis::Core
 
       config.generators.api_only = true
+      config.eager_load_paths << Sis::Core::Engine.root.join('lib')
+      config.autoload_paths << Sis::Core::Engine.root.join('lib')
 
       config.generators do |g|
         g.test_framework :rspec

data/lib/sis/core/version.rb

@@ -1,5 +1,5 @@
 module Sis
   module Core
-    VERSION = '1.0.5'.freeze
+    VERSION = '1.0.6'.freeze
   end
 end

data/lib/sis_core.rb

@@ -1,5 +1,7 @@
 require 'sis/core'
 require 'sis/core/engine'
-require 'devise_token_auth'
+require 'jwt'
+require 'bcrypt'
 require 'aasm'
 require 'active_model_serializers'
+require 'carrierwave'

data/spec/factories/sis/core/academic_years.rb

@@ -1,6 +1,6 @@
 FactoryBot.define do
   factory :academic_year, class: Sis::Core::AcademicYear do
-    year { '2000/01' }
+    year { FFaker::Name.name }
     label { 'Academic year of 2000/01' }
   end
 end

data/spec/factories/sis/core/applicants.rb

@@ -1,7 +1,16 @@
 FactoryBot.define do
   factory :applicant, class: Sis::Core::Applicant do
-    full_name { FFaker::Name.name }
+    first_name { FFaker::Name.name }
+    middle_name { FFaker::Name.name }
+    last_name { FFaker::Name.name }
+    password { FFaker::Name.name }
     email { FFaker::Internet.email }
-    phone_number { FFaker::PhoneNumber.phone_number }
+    primary_phone_number { FFaker::PhoneNumber.phone_number }
+    alternative_telephone_number { FFaker::PhoneNumber.phone_number }
+    date_of_birth { '2000-10-05' }
+    gender { FFaker::Gender.binary }
+    nationality { FFaker::Name.name }
+    address { FFaker::Address.city }
+    photo { FFaker::Name.name }
   end
 end

data/spec/factories/sis/core/application_modules.rb

@@ -0,0 +1,6 @@
+FactoryBot.define do
+  factory :application_module, class: Sis::Core::ApplicationModule do
+    code { FFaker::Name.unique.name }
+    name { FFaker::Name.name }
+  end
+end

data/spec/factories/sis/core/applications.rb

@@ -1,16 +1,11 @@
 FactoryBot.define do
   factory :application, class: Sis::Core::Application do
-    full_name { FFaker::Name.name }
-    email { FFaker::Internet.email }
-    age { FFaker::Random.rand(20..30) }
-    gender { Sis::Core::Application::MALE }
-    nationality { FFaker::Address.country }
     status { :draft }
     payment_made { false }
     payment_information { nil }
-    address { FFaker::Address.street_address }
     application_date { Date.today }
     association :applicant
     association :academic_programme
+    association :application_setup
   end
 end

data/spec/factories/sis/core/menus.rb

@@ -0,0 +1,9 @@
+FactoryBot.define do
+  factory :menu, class: Sis::Core::Menu do
+    text { FFaker::Name.name }
+    icon_cls { 'xf001' }
+    location { '/programme' }
+    parent_id { nil }
+    association :application_module
+  end
+end

data/spec/factories/sis/core/user_roles.rb

@@ -0,0 +1,6 @@
+FactoryBot.define do
+  factory :user_role, class: Sis::Core::UserRole do
+    name { FFaker::Name.name }
+    association :application_module
+  end
+end

data/spec/factories/sis/core/users.rb

@@ -0,0 +1,9 @@
+FactoryBot.define do
+  factory :user, class: Sis::Core::User do
+    first_name { FFaker::Name.name }
+    last_name { FFaker::Name.name }
+    email { FFaker::Internet.email }
+    active { false }
+    password { FFaker::Name.name }
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sis_core
 version: !ruby/object:Gem::Version
-  version: 1.0.5
+  version: 1.0.6
 platform: ruby
 authors:
 - Henock L.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-04-25 00:00:00.000000000 Z
+date: 2020-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aasm
@@ -39,7 +39,49 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.10.0
 - !ruby/object:Gem::Dependency
-  name: devise_token_auth
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.7
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.7
+- !ruby/object:Gem::Dependency
+  name: carrierwave
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: carrierwave-base64
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -72,6 +114,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 6.0.2.1
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: factory_bot_rails
   requirement: !ruby/object:Gem::Requirement
@@ -143,19 +199,25 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: sqlite3
+  name: pg
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.18'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.18'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 description: An engine which contains the core of the student information system app
   as a layer.
 email:
@@ -168,11 +230,14 @@ files:
 - README.md
 - Rakefile
 - app/controllers/sis/core/application_controller.rb
+- app/controllers/sis/core/menus_controller.rb
+- app/controllers/sis/core/users_controller.rb
 - app/models/sis/core/academic_programme.rb
 - app/models/sis/core/academic_year.rb
 - app/models/sis/core/applicant.rb
 - app/models/sis/core/application.rb
 - app/models/sis/core/application_document.rb
+- app/models/sis/core/application_module.rb
 - app/models/sis/core/application_record.rb
 - app/models/sis/core/application_setup.rb
 - app/models/sis/core/course.rb
@@ -186,15 +251,18 @@ files:
 - app/models/sis/core/instructor.rb
 - app/models/sis/core/instructor_course.rb
 - app/models/sis/core/lookup.rb
+- app/models/sis/core/menu.rb
 - app/models/sis/core/programme.rb
 - app/models/sis/core/programme_level.rb
 - app/models/sis/core/programme_type.rb
 - app/models/sis/core/semester.rb
-- app/models/sis/core/staff.rb
 - app/models/sis/core/student.rb
-- app/models/user.rb
+- app/models/sis/core/user.rb
+- app/models/sis/core/user_role.rb
+- app/services/sis/core/user_service.rb
+- app/uploaders/sis/core/application_document_uploader.rb
+- app/uploaders/sis/core/photo_uploader.rb
 - config/database.ci.yml
-- config/initializers/devise_token_auth.rb
 - config/routes.rb
 - db/migrate/20200105061717_create_sis_core_lookups.rb
 - db/migrate/20200105072142_create_sis_core_academic_years.rb
@@ -209,14 +277,17 @@ files:
 - db/migrate/20200107302251_create_sis_core_exam_setups.rb
 - db/migrate/20200107333411_create_sis_core_exams.rb
 - db/migrate/20200107434658_create_sis_core_exam_results.rb
-- db/migrate/20200108092202_devise_token_auth_create_users.rb
 - db/migrate/20200307033100_create_sis_core_courses.rb
 - db/migrate/20200307071511_create_sis_core_instructors.rb
 - db/migrate/20200307071736_create_sis_core_instructor_courses.rb
 - db/migrate/20200307072006_create_sis_core_students.rb
 - db/migrate/20200307072317_create_sis_core_course_registrations.rb
-- db/migrate/20200316120805_create_sis_core_staffs.rb
-- db/migrate/20200319074334_modify_user.rb
+- db/migrate/20200507114003_create_sis_core_users.rb
+- db/migrate/20200511165121_create_sis_core_application_modules.rb
+- db/migrate/20200511165241_create_sis_core_user_roles.rb
+- db/migrate/20200511165450_create_sis_core_menus.rb
+- lib/authorize_request.rb
+- lib/json_web_token.rb
 - lib/sis/core.rb
 - lib/sis/core/engine.rb
 - lib/sis/core/version.rb
@@ -226,6 +297,7 @@ files:
 - spec/factories/sis/core/academic_years.rb
 - spec/factories/sis/core/applicants.rb
 - spec/factories/sis/core/application_documents.rb
+- spec/factories/sis/core/application_modules.rb
 - spec/factories/sis/core/application_setups.rb
 - spec/factories/sis/core/applications.rb
 - spec/factories/sis/core/course_registrations.rb
@@ -238,13 +310,14 @@ files:
 - spec/factories/sis/core/instructor_courses.rb
 - spec/factories/sis/core/instructors.rb
 - spec/factories/sis/core/lookups.rb
+- spec/factories/sis/core/menus.rb
 - spec/factories/sis/core/programme_levels.rb
 - spec/factories/sis/core/programme_types.rb
 - spec/factories/sis/core/programmes.rb
 - spec/factories/sis/core/semesters.rb
-- spec/factories/sis/core/staffs.rb
 - spec/factories/sis/core/students.rb
-- spec/factories/users.rb
+- spec/factories/sis/core/user_roles.rb
+- spec/factories/sis/core/users.rb
 homepage: http://www.mks.com.et
 licenses:
 - MIT

data/app/models/sis/core/staff.rb

@@ -1,21 +0,0 @@
-module Sis
-  module Core
-    class Staff < ApplicationRecord
-      belongs_to :user, class_name: 'User'
-      SINGLE = 'Single'.freeze
-      MARRIED = 'Married'.freeze
-      MARITAL_STATUS = [SINGLE, MARRIED].freeze
-      validates :job_title, :job_level, :department, :date_of_employment, :salary,
-                :remark, :mothers_name, :education_level, :phone_number,
-                :place_of_birth, :marital_status, :region, :zone, :wereda,
-                :kebele, :id_number,
-                :emergency_contact_name, :emergency_contact_phone,
-                :relation_to_emergency_contact, :user_id,
-                presence: true
-      validates :salary, numericality: true
-      validates :marital_status, inclusion: { in: MARITAL_STATUS }
-      validates :id_number, uniqueness: true
-      validates :passport_number, uniqueness: true, if: :passport_number?
-    end
-  end
-end

data/app/models/user.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-class User < ActiveRecord::Base
-  extend Devise::Models
-  # Include default devise modules. Others available are:
-  # :confirmable, :lockable, :timeoutable and :omniauthable
-  devise :database_authenticatable, :registerable,
-         :recoverable, :rememberable, :trackable, :validatable
-  include DeviseTokenAuth::Concerns::User
-
-  validates :first_name, :middle_name, :last_name, :password, :email, :gender, :date_of_birth, presence: true
-end

data/config/initializers/devise_token_auth.rb

@@ -1,55 +0,0 @@
-# frozen_string_literal: true
-
-DeviseTokenAuth.setup do |config|
-  # By default the authorization headers will change after each request. The
-  # client is responsible for keeping track of the changing tokens. Change
-  # this to false to prevent the Authorization header from changing after
-  # each request.
-  # config.change_headers_on_each_request = true
-
-  # By default, users will need to re-authenticate after 2 weeks. This setting
-  # determines how long tokens will remain valid after they are issued.
-  # config.token_lifespan = 2.weeks
-
-  # Limiting the token_cost to just 4 in testing will increase the performance of
-  # your test suite dramatically. The possible cost value is within range from 4
-  # to 31. It is recommended to not use a value more than 10 in other environments.
-  config.token_cost = Rails.env.test? ? 4 : 10
-
-  # Sets the max number of concurrent devices per user, which is 10 by default.
-  # After this limit is reached, the oldest tokens will be removed.
-  # config.max_number_of_devices = 10
-
-  # Sometimes it's necessary to make several requests to the API at the same
-  # time. In this case, each request in the batch will need to share the same
-  # auth token. This setting determines how far apart the requests can be while
-  # still using the same auth token.
-  # config.batch_request_buffer_throttle = 5.seconds
-
-  # This route will be the prefix for all oauth2 redirect callbacks. For
-  # example, using the default '/omniauth', the github oauth2 provider will
-  # redirect successful authentications to '/omniauth/github/callback'
-  # config.omniauth_prefix = "/omniauth"
-
-  # By default sending current password is not needed for the password update.
-  # Uncomment to enforce current_password param to be checked before all
-  # attribute updates. Set it to :password if you want it to be checked only if
-  # password is updated.
-  # config.check_current_password_before_update = :attributes
-
-  # By default we will use callbacks for single omniauth.
-  # It depends on fields like email, provider and uid.
-  # config.default_callbacks = true
-
-  # Makes it possible to change the headers names
-  # config.headers_names = {:'access-token' => 'access-token',
-  #                        :'client' => 'client',
-  #                        :'expiry' => 'expiry',
-  #                        :'uid' => 'uid',
-  #                        :'token-type' => 'token-type' }
-
-  # By default, only Bearer Token authentication is implemented out of the box.
-  # If, however, you wish to integrate with legacy Devise authentication, you can
-  # do so by enabling this flag. NOTE: This feature is highly experimental!
-  # config.enable_standard_devise_support = false
-end

data/db/migrate/20200108092202_devise_token_auth_create_users.rb

@@ -1,53 +0,0 @@
-class DeviseTokenAuthCreateUsers < ActiveRecord::Migration[6.0]
-  def change
-    create_table(:users) do |t|
-      ## Required
-      t.string :provider, null: false, default: 'email'
-      t.string :uid, null: false, default: ''
-
-      ## Database authenticatable
-      t.string :encrypted_password, null: false, default: ''
-
-      ## Recoverable
-      t.string   :reset_password_token
-      t.datetime :reset_password_sent_at
-      t.boolean  :allow_password_change, default: false
-
-      ## Rememberable
-      t.datetime :remember_created_at
-
-      ## Confirmable
-      t.string   :confirmation_token
-      t.datetime :confirmed_at
-      t.datetime :confirmation_sent_at
-      t.string   :unconfirmed_email # Only if using reconfirmable
-      ## Trackable
-      t.integer  :sign_in_count, default: 0, null: false
-      t.datetime :current_sign_in_at
-      t.datetime :last_sign_in_at
-      t.string     :current_sign_in_ip
-      t.string     :last_sign_in_ip
-      ## Lockable
-      # t.integer  :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
-      # t.string   :unlock_token # Only if unlock strategy is :email or :both
-      # t.datetime :locked_at
-
-      ## User Info
-      t.string :name
-      t.string :nickname
-      t.string :image
-      t.string :email
-
-      ## Tokens
-      t.text :tokens
-
-      t.timestamps
-    end
-
-    add_index :users, :email,                unique: true
-    add_index :users, %i[uid provider],      unique: true
-    add_index :users, :reset_password_token, unique: true
-    add_index :users, :confirmation_token,   unique: true
-    # add_index :users, :unlock_token,       unique: true
-  end
-end

data/db/migrate/20200316120805_create_sis_core_staffs.rb

@@ -1,31 +0,0 @@
-class CreateSisCoreStaffs < ActiveRecord::Migration[6.0]
-  def change
-    create_table :sis_core_staffs do |t|
-      t.string :job_title, null: false
-      t.string :job_level, null: false
-      t.string :department, null: false
-      t.date :date_of_employment, null: false
-      t.float :salary, null: false
-      t.text :remark, null: false
-      t.string :mothers_name, null: false
-      t.string :education_level, null: false
-      t.string :phone_number, null: false
-      t.string :place_of_birth, null: false
-      t.string :marital_status, null: false
-      t.string :region, null: false
-      t.string :zone, null: false
-      t.string :wereda, null: false
-      t.string :kebele, null: false
-      t.string :passport_number
-      t.string :id_number, null: false, unique: true
-      t.string :emergency_contact_name, null: false
-      t.string :emergency_contact_phone, null: false
-      t.string :relation_to_emergency_contact, null: false
-      t.references :user,
-                   index: { name: 'user_on_staff_indx' },
-                   null: false,
-                   foreign_key: { to_table: :users }
-      t.timestamps
-    end
-  end
-end

data/db/migrate/20200319074334_modify_user.rb

@@ -1,16 +0,0 @@
-class ModifyUser < ActiveRecord::Migration[6.0]
-  def change
-    remove_column :users, :name, :string
-    remove_column :users, :nickname, :string
-    add_column :users, :first_name, :string
-    add_column :users, :middle_name, :string
-    add_column :users, :last_name, :string
-    add_column :users, :gender, :string
-    add_column :users, :date_of_birth, :date
-    change_column :users, :first_name, :string, null: false
-    change_column :users, :middle_name, :string, null: false
-    change_column :users, :last_name, :string, null: false
-    change_column :users, :gender, :string, null: false
-    change_column :users, :date_of_birth, :date, null: false
-  end
-end

data/spec/factories/sis/core/staffs.rb

@@ -1,34 +0,0 @@
-FactoryBot.define do
-  factory :staff, class: 'Sis::Core::Staff' do
-  end
-  # SINGLE = 'Single'.freeze
-  # MARRIED = 'Married'.freeze
-  # MARITAL_STATUS = [SINGLE, MARRIED].freeze
-  # factory :staff, class: 'Sis::Core::Staff' do
-  #   user
-  #   job_title { FFaker::Job.title }
-  #   job_level { FFaker::Company.position }
-  #   department { FFaker::Education.school_name }
-  #   date_of_employment { FFaker::Time.date }
-  #   salary { [2000, 5500.5, 10_000, 20_000].sample }
-  #   remark { FFaker::Lorem.sentence }
-  #   mothers_name { FFaker::Name.name }
-  #   education_level { FFaker::Education.degree }
-  #   phone_number { FFaker::PhoneNumber.phone_number }
-  #   place_of_birth { FFaker::Address.city }
-  #   marital_status { %w[Single Married].sample }
-  #   region { FFaker::Address.city }
-  #   zone { FFaker::Address.neighborhood }
-  #   wereda { [1, 2, 5, 13].sample }
-  #   kebele { [1, 2, 5, 13].sample }
-  #   passport_number { FFaker::Guid.guid }
-  #   id_number { FFaker::Guid.guid }
-  #   emergency_contact_name { FFaker::Name.name }
-  #   emergency_contact_phone { FFaker::PhoneNumber.phone_number }
-  #   relation_to_emergency_contact do
-  #     %w[mother,father,brother,spouse].sample
-  #   end
-  #   created_at { FFaker::Time.datetime }
-  #   updated_at { FFaker::Time.datetime }
-  # end
-end

data/spec/factories/users.rb

@@ -1,11 +0,0 @@
-FactoryBot.define do
-  factory :user, class: 'User' do
-    first_name { FFaker::Name.first_name }
-    middle_name { FFaker::Name.name }
-    last_name { FFaker::Name.last_name }
-    password { FFaker::Internet.password }
-    email { FFaker::Internet.email }
-    gender { %w[male,female].sample }
-    date_of_birth { FFaker::Time.date }
-  end
-end