soar-authentication-identity_uuid_translator 1.0.0

data/docker-compose.customer.yml

@@ -0,0 +1,18 @@
+version: "2"
+services:
+    mysql:
+        image: mysql:5.5
+        ports: 
+            - "3306:3306"
+        environment:
+            - MYSQL_ROOT_PASSWORD=secret
+            - MYSQL_DATABASE=konsoleh_genie
+            - MYSQL_USER=genie
+            - MYSQL_PASSWORD=secret
+
+    dynamodb:
+        build: 
+            context: .
+            dockerfile: Dockerfile.dynamo_db
+        ports: 
+            - "8000:8000"

data/docker-compose.dynamo_db.yml

@@ -0,0 +1,8 @@
+version: "2"
+services:
+  dynamodb:
+    build: 
+        context: .
+        dockerfile: Dockerfile.dynamo_db
+    ports: 
+      - "8000:8000"

data/docker-compose.staff.yml

@@ -0,0 +1,21 @@
+version: "2"
+services:
+  ldap:
+    image: osixia/openldap:1.1.7
+    ports: 
+      - "389:389"
+      - "636:636"
+    environment:
+      - LDAP_DOMAIN=hetzner.co.za
+      - LDAP_ORGANISATION=Hetzner
+      - LDAP_ADMIN_PASSWORD=secret
+      - LDAP_TLS_VERIFY_CLIENT=never
+      - LDAP_TLS_PROTOCOL_MIN=1.2
+      - LDAP_TLS_CIPHER_SUITE=SECURE128:-VERS-SSL3.0:+VERS-TLS1.2
+
+  dynamodb:
+    build: 
+      context: .
+      dockerfile: Dockerfile.dynamo_db
+    ports: 
+      - "8000:8000"

data/lib/soar/authentication/identity_uuid_translator.rb

@@ -0,0 +1,13 @@
+require 'soar/authentication/identity_uuid_translator/model'
+
+module Soar
+  module Authentication
+    module IdentityUuidTranslator
+
+      def self.new(provider)
+        Soar::Authentication::IdentityUuidTranslator::Model.new(provider)
+      end
+
+    end
+  end
+end

data/lib/soar/authentication/identity_uuid_translator/error.rb

@@ -0,0 +1,11 @@
+module Soar
+  module Authentication
+    module IdentityUuidTranslator
+      module Error
+        class UnknownIdentityError < StandardError; end;
+      end
+    end
+  end
+end
+
+

data/lib/soar/authentication/identity_uuid_translator/factory.rb

@@ -0,0 +1,23 @@
+require 'soar/authentication/identity_uuid_translator'
+
+module Soar
+  module Authentication
+    module IdentityUuidTranslator
+      module Factory
+
+				##
+        # @param [String] value
+        # @param [ObjectSelector] selector
+        # @raise [ObjectSelector::Error::NoMatchError]
+        # @return [Soar::Registry::Identity]
+        ##
+        def self.create(selector: , value: )
+          provider = selector.select(value)
+          return Soar::Authentication::IdentityUuidTranslator.new(provider)
+        end
+
+
+      end
+    end
+  end
+end

data/lib/soar/authentication/identity_uuid_translator/model.rb

@@ -0,0 +1,24 @@
+require 'soar/authentication/identity_uuid_translator/error'
+require 'soar/authentication/identity_uuid_translator/provider/staff'
+require 'soar/authentication/identity_uuid_translator/provider/customer'
+
+module Soar
+  module Authentication
+    module IdentityUuidTranslator
+      
+        class Model
+
+          attr_reader :provider
+
+          def initialize(provider)
+            @provider = provider
+          end
+
+          def uuid
+            @provider.uuid
+          end
+
+      end
+    end
+  end
+end

data/lib/soar/authentication/identity_uuid_translator/provider/customer.rb

@@ -0,0 +1,54 @@
+require 'soar/registry/identity'
+require 'uuidtools'
+
+module Soar
+  module Authentication
+    module IdentityUuidTranslator
+      module Provider
+        class Customer
+
+          ROLE = "customer_account_administrator"
+          PREFIX = "genie:client:id:"
+
+          ##
+          # @param [String] identifier
+          # @param [Soar::Registry::Identity] identity_registry
+          # @param [Soar::Authentication::IdentityUuidTranslator:UuidGenerator] uuid_generator
+          # @param [Soar::Registry::Directory] roles_directory
+          ##
+          def initialize(identifier: , identity_registry: , uuid_generator: nil, role_generator: nil)
+            @idr = identity_registry
+            @uuid_generator = uuid_generator 
+            @identifier = identifier
+            @role_generator = role_generator 
+          end
+
+          def uuid
+            return @uuid if not @uuid.nil?
+            @identifiers = @idr.get_identifiers(@identifier)
+            @uuid = @uuid_generator.nil? ? @identifiers[0] : @uuid_generator::generate("#{PREFIX}#{@identifiers[0]}")
+            @role_generator.generate({
+                "identity_uuid" => uuid,
+                "identity_role" => ROLE,
+                "identity_role_attributes" => [client_number].compact
+            }) if not @role_generator.nil? 
+            return @uuid
+          end
+
+          ##
+          # @return [String|Nil] 
+          ##
+          def client_number
+            client_number = @identifiers.map do |identifier|
+              next if not identifier.is_a?(String) # it's an ID
+              break identifier if /\A[CF]{0,1}\d+\z/i.match(identifier)
+            end
+            client_number.is_a?(Array) ? nil : client_number
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/soar/authentication/identity_uuid_translator/provider/staff.rb

@@ -0,0 +1,33 @@
+require 'soar/registry/identity'
+
+module Soar
+  module Authentication
+    module IdentityUuidTranslator
+      module Provider
+        class Staff
+
+          ROLE = "hetzner_staff_member"
+
+          def initialize(identifier: , identity_registry: , role_generator: nil)
+            @identifier = identifier
+            @idr = identity_registry
+            @role_generator = role_generator 
+          end
+
+          def uuid
+            return @uuid if not @uuid.nil?
+            identifiers = @idr.get_identifiers(@identifier)
+            @uuid = identifiers[0]
+            @role_generator.generate({
+                "identity_uuid" => uuid,
+                "identity_role" => ROLE
+            }) if not @role_generator.nil? 
+            return @uuid
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/soar/authentication/identity_uuid_translator/role_generator.rb

@@ -0,0 +1,21 @@
+module Soar
+  module Authentication
+    module IdentityUuidTranslator
+        class RoleGenerator
+
+          def initialize(directory)
+            @directory = directory
+          end
+
+          def generate(role)
+            begin 
+              @directory.put(role)
+            rescue Soar::Registry::Directory::Error::DuplicateEntryError => e
+              true
+            end
+          end
+
+        end
+    end
+  end
+end

data/lib/soar/authentication/identity_uuid_translator/test/fixtures/client_table.sql

@@ -0,0 +1,91 @@
+DROP TABLE IF EXISTS `Client`;
+CREATE TABLE `Client` (
+  `ID` int(11) NOT NULL AUTO_INCREMENT,
+  `Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  `Client_Number` varchar(15) NOT NULL DEFAULT '',
+  `Privil` varchar(15) NOT NULL DEFAULT '',
+  `Active` enum('0','1') NOT NULL DEFAULT '0',
+  `ActiveUntil` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `MaxDomains` int(11) NOT NULL DEFAULT '100',
+  `Title` varchar(10) DEFAULT NULL,
+  `First_Name` varchar(70) DEFAULT NULL,
+  `Surname` varchar(70) DEFAULT NULL,
+  `Company` varchar(70) DEFAULT NULL,
+  `Street` varchar(70) DEFAULT NULL,
+  `Postal_Code` varchar(10) DEFAULT NULL,
+  `Suburb` varchar(70) NOT NULL DEFAULT '',
+  `Country` varchar(70) NOT NULL DEFAULT '0',
+  `City` varchar(70) NOT NULL DEFAULT '',
+  `CountryGroup` enum('0','1','2') NOT NULL DEFAULT '0',
+  `Telephone` varchar(50) DEFAULT NULL,
+  `Cellphone` varchar(50) NOT NULL DEFAULT '',
+  `ID_Number` varchar(30) DEFAULT NULL,
+  `Date_Of_Birth` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `Fax` varchar(50) DEFAULT NULL,
+  `RipeHandle` varchar(16) NOT NULL DEFAULT '',
+  `Login` varchar(15) DEFAULT NULL,
+  `Password` varchar(30) DEFAULT NULL,
+  `FromEmail1` varchar(40) NOT NULL DEFAULT '',
+  `FromEmail2` varchar(40) DEFAULT NULL,
+  `FromEmail3` varchar(40) DEFAULT NULL,
+  `PublicKey` mediumtext NOT NULL,
+  `Newsletter` enum('0','1') NOT NULL DEFAULT '0',
+  `Notice` enum('0','1') NOT NULL DEFAULT '1',
+  `Notifyemail` varchar(100) DEFAULT NULL,
+  `Notifyemail_Robot` varchar(100) NOT NULL DEFAULT '',
+  `Notifyemail_Traffic` varchar(100) DEFAULT NULL,
+  `Notifyemail_Invoice` text,
+  `FreeTraffic` decimal(4,2) DEFAULT NULL,
+  `Bank_Branch_Code` varchar(8) DEFAULT NULL,
+  `Bank_Account_Number` varchar(30) DEFAULT NULL,
+  `Bank_Account_Holder` varchar(60) DEFAULT NULL,
+  `Bank_Account_Type` enum('0','1','2','3','4','5') NOT NULL DEFAULT '0',
+  `Bank_Name` varchar(60) NOT NULL DEFAULT '',
+  `Bank_Branch_Location` varchar(60) NOT NULL DEFAULT '',
+  `Reseller` enum('0','1') NOT NULL DEFAULT '0',
+  `Reseller_Proof` varchar(60) NOT NULL DEFAULT '',
+  `CreditCardNumber` varchar(30) NOT NULL DEFAULT '',
+  `CreditCardExpiration` varchar(6) NOT NULL DEFAULT '',
+  `CreditCardName` varchar(15) NOT NULL DEFAULT '',
+  `payment_method` enum('Unspecified','Cash','Debit Order') NOT NULL DEFAULT 'Unspecified',
+  `Mother_ID` varchar(12) NOT NULL DEFAULT '',
+  `ChargeVAT` enum('0','1') NOT NULL DEFAULT '1',
+  `Summary_Invoice` enum('0','1') NOT NULL DEFAULT '0',
+  `Separate_Invoice` enum('0','1') NOT NULL DEFAULT '0',
+  `Email_Format` enum('0','1','2','3') NOT NULL DEFAULT '1',
+  `Dedi_Graph` enum('0','1') NOT NULL DEFAULT '1',
+  `TaxID` varchar(20) NOT NULL DEFAULT '',
+  `Discount` decimal(4,2) DEFAULT NULL,
+  `ChargeRobotSetup` enum('0','1','2') DEFAULT NULL,
+  `ClientCreated` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `Comment` text,
+  `Advice` mediumtext NOT NULL,
+  `Vat_Number` varchar(30) DEFAULT NULL,
+  `Rejection_Counter` tinyint(11) DEFAULT '0',
+  `Marketing` enum('Print','Brainstorm','ComputerActive','Google','ITWeb','Mouth','Website','Search','Designer','Hetzner','Other','SA Computer Magazine','Entrepreneur Magazine','Financial Mail') DEFAULT NULL,
+  `Marketing_other` mediumtext,
+  `Billing_First_Name` varchar(70) NOT NULL DEFAULT '',
+  `Billing_Surname` varchar(70) NOT NULL DEFAULT '',
+  `Billing_Telephone` varchar(50) NOT NULL DEFAULT '',
+  `Billing_Cellphone` varchar(50) NOT NULL DEFAULT '',
+  `Tech_First_Name` varchar(70) NOT NULL DEFAULT '',
+  `Tech_Surname` varchar(70) NOT NULL DEFAULT '',
+  `Notifyemail_Tech` varchar(100) NOT NULL DEFAULT '',
+  `Tech_Telephone` varchar(50) NOT NULL DEFAULT '',
+  `Tech_Cellphone` varchar(50) NOT NULL DEFAULT '',
+  `Verified` enum('0','1') NOT NULL DEFAULT '1',
+  `mass_update_notification_sent` enum('1','2','3','more','no') NOT NULL DEFAULT 'no',
+  `mass_update_submission_sent` enum('yes','no') NOT NULL DEFAULT 'no',
+  `contact_Confirmed` enum('True','False') NOT NULL DEFAULT 'True',
+  `is_test_profile` enum('0','1') DEFAULT '0',
+  `Google` enum('None','Eligible','Emailed','Issued') NOT NULL DEFAULT 'None',
+  `Google_Value_ID` int(11) NOT NULL DEFAULT '0',
+  `Google_Expiry` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `app_installer_active` tinyint(1) DEFAULT '1',
+  PRIMARY KEY (`ID`),
+  KEY `Login` (`Login`),
+  KEY `Password` (`Password`),
+  KEY `Notifyemail_Invoice` (`Notifyemail_Invoice`(20)),
+  KEY `Client_Number` (`Client_Number`)
+) ENGINE=InnoDB AUTO_INCREMENT=185532 DEFAULT CHARSET=latin1;
+

data/lib/soar/authentication/identity_uuid_translator/test/fixtures/roles_table.json

@@ -0,0 +1,27 @@
+{
+    "table_name": "identity_roles",
+    "key_schema": [
+        {
+            "attribute_name": "identity_uuid",
+            "key_type": "HASH" 
+        },
+        {
+            "attribute_name": "identity_role",
+            "key_type": "RANGE" 
+        }
+    ],
+    "attribute_definitions": [
+        {
+            "attribute_name": "identity_uuid",
+            "attribute_type": "S"
+        },
+        {
+            "attribute_name": "identity_role",
+            "attribute_type": "S"
+        }
+    ],
+    "provisioned_throughput": { 
+        "read_capacity_units": 10,
+        "write_capacity_units": 10
+    }
+}

data/lib/soar/authentication/identity_uuid_translator/test/fixtures/staff.json

@@ -0,0 +1,18 @@
+[
+    {
+        "entryuuid": "62936e70-1815-439b-bf89-8492855a7e6b",
+        "mail": "test+publisher@hetzner.co.za"
+    }, 
+    {
+        "entryuuid": "43353f18-8afe-11e6-ae22-56b6b6499611",
+        "mail": "test+consumer@hetzner.co.za"
+    }, 
+    {
+        "entryuuid": "820d5660-2204-4f7d-8c04-746313439b81",
+        "mail": "admin@hetzner.co.za"
+    },
+    {
+        "entryuuid": "1ff472a6-8df3-4f13-82c3-89fde26db3cf",
+        "mail": "none@example.com"
+    }
+]

data/lib/soar/authentication/identity_uuid_translator/test/orchestration_provider/base.rb

@@ -0,0 +1,78 @@
+require 'soar/authentication/identity_uuid_translator/factory'
+require 'soar/authentication/identity_uuid_translator/uuid_generator'
+require 'soar/authentication/identity_uuid_translator/role_generator'
+require 'soar/registry/directory'
+require 'object_selector'
+require 'faker'
+require 'hashie'
+
+module Soar
+  module Authentication
+    module IdentityUuidTranslator
+      module Test
+        module OrchestrationProvider
+          class Base
+
+            def given_roles_directory
+              roles_directory_configuration = YAML.load_file("config/#{ENV['ROLES_DIRECTORY_CONFIG_FILE']}")
+              @roles_directory = Soar::Registry::Directory.new(
+                Soar::Registry::Directory::Provider::DynamoDb.new(Hashie.symbolize_keys(roles_directory_configuration['config']))
+              )
+              @roles_directory.provider.recreate_table({
+                name: roles_directory_configuration['config']['table'][:name],
+                structure: JSON.parse(File.read("lib/soar/authentication/identity_uuid_translator/test/fixtures/roles_table.json"))
+              })
+            end
+
+            def given_role_generator
+              @role_generator = Soar::Authentication::IdentityUuidTranslator::RoleGenerator.new(@roles_directory)
+            end
+
+            def given_identity_uuid_translator
+              @identity_uuid_translator = Soar::Authentication::IdentityUuidTranslator::Factory::create({
+                value: @identifier,
+                selector: ObjectSelector.new(
+                  ObjectSelector::Provider::RegexRuleList.new({
+                    rules: [
+                      {
+                        regex: /\A[\w+\-.]+@hetzner.co.za\z/i,
+                        object: Soar::Authentication::IdentityUuidTranslator::Provider::Staff.new(
+                          identifier: @identifier,
+                          identity_registry: @identity_registry,
+                          role_generator: @role_generator ? @role_generator : nil
+                        )
+                      },
+                      {
+                        regex: /\A[\w+\-.]+@.+/i,
+                        object: Soar::Authentication::IdentityUuidTranslator::Provider::Customer.new(
+                          identifier: @identifier,
+                          identity_registry: @identity_registry,
+                          uuid_generator: Soar::Authentication::IdentityUuidTranslator::UuidGenerator, 
+                          role_generator: @role_generator ? @role_generator : nil
+                        )
+                      },
+                      {
+                        regex: /\A[CF]{0,1}\d+\z/,
+                        object: Soar::Authentication::IdentityUuidTranslator::Provider::Customer.new(
+                          identifier: @identifier,
+                          identity_registry: @identity_registry,
+                          uuid_generator: Soar::Authentication::IdentityUuidTranslator::UuidGenerator, 
+                          role_generator: @role_generator ? @role_generator : nil
+                        )
+                      }
+                    ]
+                  })
+                )
+              })
+            end
+
+            def request_identity_uuid
+              @uuid = @identity_uuid_translator.uuid()
+            end
+
+          end
+        end
+      end
+    end
+  end
+end