subscribed_to 0.2.0 → 0.3.0

data/Gemfile

@@ -7,6 +7,7 @@ gem "hominid", ">= 3.0.2"
 # Include everything needed to run rake, tests, features, etc.
 group :development do
   gem "sqlite3-ruby", :require => "sqlite3"
+  gem 'database_cleaner'
   gem "factory_girl_rails", "1.0.1"
   gem "mocha", "0.9.12"
   gem "rspec-rails", "2.5.0"

data/Gemfile.lock

@@ -30,6 +30,7 @@ GEM
     activesupport (3.0.7)
     arel (2.0.9)
     builder (2.1.2)
+    database_cleaner (0.6.7)
     diff-lcs (1.1.2)
     erubis (2.6.6)
       abstract (>= 1.0.0)
@@ -110,6 +111,7 @@ PLATFORMS
 DEPENDENCIES
   activerecord
   bundler (~> 1.0.0)
+  database_cleaner
   factory_girl_rails (= 1.0.1)
   generator_spec
   hanna

data/README.rdoc

@@ -30,6 +30,8 @@ API v1.3 - http://apidocs.mailchimp.com/1.3
 * listUpdateMember
 
 
+Adds support for MailChimp webhooks
+
 <b>Constant Contact</b>
 
 Planned
@@ -78,6 +80,36 @@ Set up your mailing lists to subscribe users to. List names can be any valid sym
       :id => "xxxxxxxx",
       :merge_vars => {"FNAME" => :first_name, "LNAME" => :last_name, "EMAIL" => :email}}}
 
+Set your secret key for the webhook URL.
+
+Keep this key a secret. It's the only line of defense of preventing unwanted POST requests to the URL.
+
+  mail_chimp_config.secret_key = "my_secret_key_that_i_will_change"
+
+==== Webhooks
+
+The gem sets up support for MailChimp webhooks. Read more here: http://apidocs.mailchimp.com/webhooks/
+
+First, you need to setup webhooks in your MailChimp account.
+
+1) On the list tools page, click the "WebHooks" link.
+
+2) Enter the webhook URL as:
+  http://mywebapp.com/subscribed_to/mail_chimp?key=<secret_key_defined_in_config>
+
+3) Enable updates for events:
+* Subscribes
+* Unsubscribes
+* Profile Updates
+* Email Changed
+
+4) Send updates when a change was made by...
+* A subscriber
+* Account admin
+* Via the API
+
+5) Click "Update"
+
 === User Model Configuration
 
 You must enable *SubscribedTo* in your user model with <tt>subscribed_to</tt>.

data/app/controllers/subscribed_to/mail_chimp_web_hooks_controller.rb

@@ -0,0 +1,19 @@
+module SubscribedTo
+  class MailChimpWebHooksController < ApplicationController
+
+    unloadable
+
+    # Handle MailChimp webhooks
+    # Requires a secret key be set in the SubscribedTo initializer.
+    # Include the secret key in the post URL for the webhook in your MailChimp account.
+    def create
+      key = params.delete("key")
+      unless key.blank? || key != SubscribedTo.mail_chimp_config.secret_key
+        SubscribedTo::MailChimp::WebHook.process(params)
+        render :text => nil, :status => 200
+      else
+        render :text => nil, :status => 404
+      end
+    end
+  end
+end

data/config/routes.rb

@@ -0,0 +1,5 @@
+Rails.application.routes.draw do
+  namespace :subscribed_to do
+    match "mail_chimp" => "mail_chimp_web_hooks#create", :via => :post
+  end
+end

data/lib/active_record_extensions.rb

@@ -0,0 +1,10 @@
+module ActiveRecord #:nodoc:
+  module Persistence
+    # We need to skip the after_update callback here. Otherwise, we'll trigger a loop of MailChimp updates.
+    def save_without_update_list_member(options)
+      self.class.skip_callback(:update, :after, :update_list_member)
+      self.save(options)
+      self.class.set_callback(:update, :after, :update_list_member)
+    end
+  end
+end

data/lib/generators/subscribed_to/templates/migration.rb

@@ -1,9 +1,17 @@
 class <%= migration_name.camelize %> < ActiveRecord::Migration
   def self.up
     add_column :<%= table_name.to_sym %>, :subscribed_to_list, :boolean, :default => false
+    <%- if options.service == "mail_chimp" -%>
+    add_column :<%= table_name.to_sym %>, :mail_chimp_id, :integer
+    add_index :<%= table_name.to_sym %>, :mail_chimp_id
+    <%- end -%>
   end
 
   def self.down
     remove_column :<%= table_name.to_sym %>, :subscribed_to_list
+    <%- if options.service == "mail_chimp" -%>
+    remove_column :<%= table_name.to_sym %>, :mail_chimp_id, :integer
+    remove_index :<%= table_name.to_sym %>, :mail_chimp_id
+    <%- end -%>
   end
 end

data/lib/generators/subscribed_to/templates/subscribed_to.rb

@@ -16,6 +16,10 @@ SubscribedTo.setup do |config|
       :mailing_list => {
         :id => "xxxxxxxx",
         :merge_vars => {"FNAME" => :first_name, "LNAME" => :last_name, "EMAIL" => :email}}}
+
+    # Include this key in your MailChimp webhook URL.
+    # Keep it a secret!
+    mail_chimp_config.secret_key = "my_secret_key_that_i_will_change"
   end
   <%- end -%>
 end

data/lib/subscribed_to/engine.rb

@@ -0,0 +1,7 @@
+require "subscribed_to"
+require "rails"
+
+module SubscribedTo
+  class Engine < Rails::Engine  #:nodoc:
+  end
+end

data/lib/subscribed_to/mail_chimp/config.rb

@@ -17,12 +17,14 @@ module SubscribedTo
         end
       end
 
-      hash_accessor :api_key, :lists
+      hash_accessor :api_key, :lists, :secret_key, :enabled_models
 
       def initialize(config = {})
         merge!(config)
-        self[:api_key] ||= nil
-        self[:lists]   ||= {}
+        self[:api_key]        ||= nil
+        self[:lists]          ||= {}
+        self[:secret_key]     ||= "J/M7k+j8zBJI7SM5"
+        self[:enabled_models] ||= {}
       end
     end
   end

data/lib/subscribed_to/mail_chimp/web_hook.rb

@@ -0,0 +1,136 @@
+module SubscribedTo
+  module MailChimp
+
+    # Allows for the usage of MailChimp webhooks.
+    # http://apidocs.mailchimp.com/webhooks/
+    #
+    # To get started:
+    #
+    # 1) On the list tools page, click the "WebHooks" link.
+    #
+    # 2) Enter the webhook URL as:
+    #   http://mywebapp.com/subscribed_to/mail_chimp?key=<secret_key_defined_in_config>
+    #
+    # 3) Enable updates for events:
+    # * Subscribes
+    # * Unsubscribes
+    # * Profile Updates
+    # * Email Changed
+    #
+    # 4) Send updates when a change was made by...
+    # * A subscriber
+    # * Account admin
+    # * Via the API
+    #
+    # 5) Click "Update"
+    class WebHook
+      LIMIT = 120
+      attr_accessor :enabled_models
+
+      # Handles MailChimp webhook request.
+      # Takes in a hash of parameters from the webhook.
+      #
+      # Responds to four webhook events:
+      # * +subscribe+
+      # * +unsubscribe+
+      # * +upemail+
+      # * +profile+
+      #
+      # If a request comes in that does not match one of the four event types, it writes a warning to the default logger
+      #
+      # TODO: Write to a SubscribedTo specific log instead
+      def self.process(params)
+        type = params.delete("type").to_sym
+        hook = self.new(params)
+
+        hook.respond_to?(type) ?
+          hook.send(type.to_sym, params["data"]) :
+          Rails.logger.warn("WARNING: MailChimp WebHook does not support the #{type} event.")
+      rescue NoMethodError => e
+        Rails.logger.warn("WARNING: MailChimp WebHook: #{e.message}")
+      end
+
+      # Create a new instance and set some instance variables
+      def initialize(params) #:nodoc:
+        list_id             = params["data"].delete("list_id")
+        self.enabled_models = SubscribedTo.mail_chimp_config.enabled_models[list_id]
+      end
+
+      # When a user registers on the site, they are automatically queued for inclusion on the mailing list (if they opt-in).
+      #
+      # After a user confirms their subscription (MailChimp recommends a double opt-in strategy, but it's not required),
+      # a webhook request is sent which includes the "web_id" - a unique ID for mail chimp users. We'll record this id
+      # to use with other updates.
+      def subscribe(params)
+        web_id = params["web_id"]
+        email  = params["merges"]["EMAIL"]
+
+        subscriber = nil
+        enabled_models.each { |model| subscriber ||= model.constantize.find_by_email(email) }
+
+        subscriber.subscribed_to_list = true
+        subscriber.mail_chimp_id = web_id.to_i
+        subscriber.save_without_update_list_member(:validate => false)
+      end
+
+      # Set the subscribed_to_list attribute to false to prevent any future MailChimp API calls when the user updates
+      # their profile in the web app.
+      def unsubscribe(params)
+        web_id = params["web_id"]
+
+        subscriber = nil
+        enabled_models.each { |model| subscriber ||= model.constantize.find_by_mail_chimp_id(web_id) }
+
+        subscriber.subscribed_to_list = false
+        subscriber.save_without_update_list_member(:validate => false)
+      end
+
+      # If a user updates their email from one of the MailChimp forms (they may get there from a link in an email, or from
+      # the confirm subscription page), then a webhook will be sent to the app with the a notice of the changed email.
+      # This method will update the web app users's email.
+      #
+      # Is this a good idea?
+      #
+      # Theoretically, it seems like the best idea is to keep the web app user and mailing list subscriber email
+      # addresses in sync.
+      #
+      # However, if the web app makes use of login by email, this could create confusion for the user. In this case,
+      # it may be best to send an email to the user notifying them that their login information has changed.
+      def upemail(params)
+        old_email = params["old_email"]
+        new_email = params["new_email"]
+
+        subscriber = nil
+        enabled_models.each { |model| subscriber ||= model.constantize.find_by_email(old_email) }
+
+        unless over_the_limit(subscriber.updated_at)
+          subscriber.email = new_email
+          subscriber.save_without_update_list_member(:validate => false)
+        end
+      end
+
+      # If a user updates any of their subscription information via a MailChimp web form, we need to update that info
+      # in the web app.
+      #
+      # We only update the attributes defined in the SubscribedTo.mail_chimp_config[:lists] merge vars. If more information
+      # is sent via the merge vars from MailChimp, but it is not defined in the mail_chimp_config, it is ignored.
+      def profile(params)
+        web_id = params["web_id"]
+
+        subscriber = nil
+        enabled_models.each { |model| subscriber ||= model.constantize.find_by_mail_chimp_id(web_id) }
+
+        unless over_the_limit(subscriber.updated_at)
+          subscriber.class.merge_vars.each { |key, method| subscriber.send("#{method.to_s}=", params["merges"][key]) unless params["merges"][key].blank? }
+          subscriber.save_without_update_list_member(:validate => false)
+        end
+      end
+
+      private
+
+      def over_the_limit(updated_at)
+        (Time.zone.now - updated_at).seconds <= LIMIT
+      end
+    end
+  end
+end

data/lib/subscribed_to/mail_chimp.rb

@@ -1,4 +1,5 @@
 require 'subscribed_to/mail_chimp/config'
+require 'subscribed_to/mail_chimp/web_hook'
 require 'hominid'
 
 module SubscribedTo
@@ -13,7 +14,7 @@ module SubscribedTo
 
         if subscribed_to_list
           h = Hominid::API.new(SubscribedTo.mail_chimp_config.api_key)
-          h.list_subscribe(self.class.list_id, self.email, merge_vars.each { |key, method| merge_vars[key] = self.send(method.to_sym) })
+          h.list_subscribe(self.class.list_id, self.email, merge_vars.each { |key, method| merge_vars[key] = (self.send(method.to_sym) || "") })
         end
       rescue Hominid::APIError => e
         Rails.logger.warn e
@@ -40,7 +41,7 @@ module SubscribedTo
               h.list_subscribe(list_id, subscribed_email, merge_vars.each { |key, method| merge_vars[key] = self.send(method.to_sym) })
             end
           elsif subscribed_to_list && !(self.changed & merge_vars.collect { |key, method| method.to_s }).empty?
-            h.listUpdateMember(list_id, subscribed_email, merge_vars.each { |key, method| merge_vars[key] = self.send(method.to_sym) })
+            h.list_update_member(list_id, subscribed_email, merge_vars.each { |key, method| merge_vars[key] = self.send(method.to_sym) })
           end
         end
       rescue Hominid::APIError => e

data/lib/subscribed_to/version.rb

@@ -1,7 +1,7 @@
 module SubscribedTo
   module Version  #:nodoc:
     MAJOR = 0
-    MINOR = 2
+    MINOR = 3
     PATCH = 0
     BUILD = nil
 

data/lib/subscribed_to.rb

@@ -1,5 +1,6 @@
 require 'rails'
 require 'active_record'
+require 'active_record_extensions'
 require 'subscribed_to/mail_chimp'
 
 module SubscribedTo
@@ -26,6 +27,7 @@ module SubscribedTo
   #     config.mail_chimp do |mail_chimp_config|
   #       mail_chimp_config.api_key = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us1"
   #       mail_chimp_config.lists = {:mailing_list => {:id => "123456", :merge_vars => {"FNAME" => :first_name}
+  #       mail_chimp_config.secret_key = "abc123"
   #     end
   #   end
   def self.mail_chimp(&block)
@@ -47,6 +49,11 @@ module SubscribedTo
 
       @list_key = id.to_sym
 
+      # We need to reference which models are enabled, and which list they belong to when processing the webhooks.
+      SubscribedTo.mail_chimp_config.enabled_models[self.list_id].blank? ?
+        SubscribedTo.mail_chimp_config.enabled_models[self.list_id] = [self.to_s] :
+        SubscribedTo.mail_chimp_config.enabled_models[self.list_id] << self.to_s
+
       class_eval do
         after_create :subscribe_to_list
         after_update :update_list_member
@@ -79,3 +86,5 @@ module SubscribedTo
 end
 
 ActiveRecord::Base.send :include, SubscribedTo
+
+require 'subscribed_to/engine'

data/spec/app/controllers/subscribed_to/mail_chimp_web_hooks_spec.rb

@@ -0,0 +1,147 @@
+require 'spec_helper'
+require 'rspec/rails'
+
+describe SubscribedTo::MailChimpWebHooksController do
+  include RSpec::Rails::ControllerExampleGroup
+
+  before do
+    SubscribedTo.mail_chimp do |config|
+      config.lists = {
+        :mailing_list => {
+          :id => "abc123",
+          :merge_vars => {"FNAME" => :first_name, "LNAME" => :last_name, "EMAIL" => :email}}}
+
+      # normally not set in config, but necessary for testing
+      config.enabled_models = {"abc123" => ["User"]}
+
+      config.secret_key = "abc123"
+    end
+  end
+
+  it "should respond with 404 to a request without a valid secret key" do
+    post :create
+    response.code.should eq "404"
+
+    post :create, { :key => "bad_key" }
+    response.code.should eq "404"
+  end
+
+  it "should respond with 200 to a request with a valid secret key" do
+    SubscribedTo::MailChimp::WebHook.stubs(:process).returns(true)
+    post :create, { :key => "abc123" }
+    response.code.should eq "200"
+  end
+
+  it "should quietly fail and log the error if no member is found" do
+    Rails.logger.expects(:warn).once
+    expect do
+      post :create, {
+        "key" => "abc123",
+        "type" => "subscribe",
+        "data" => {
+          "list_id" => "abc123",
+          "web_id" => "231546749",
+          "merges" => {
+            "EMAIL" => "fake.user@email.com" }}}
+    end.not_to raise_exception
+  end
+
+  it "should write a warning to the logger if the event is not supported" do
+    Rails.logger.expects(:warn).once
+    expect do
+      post :create, {
+        "key" => "abc123",
+        "type" => "nonevent",
+        "data" => { "list_id" => "abc123" }}
+    end.not_to raise_exception
+  end
+
+  context "for a new user" do
+    before(:each) do
+      @user = Factory.build(:non_subscribed_user)
+      @user.stubs(:subscribe_to_list)
+      @user.save
+      @user.expects(:update_list_member).never
+    end
+
+    context "when they subscribe" do
+      it "should set subscribed_to_list to true, and set the mail_chimp_id" do
+        @user.mail_chimp_id.should be_nil
+        expect do
+          expect do
+            post :create, {
+              "key" => "abc123",
+              "type" => "subscribe",
+              "data" => {
+                "list_id" => "abc123",
+                "web_id" => "231546749",
+                "merges" => {
+                  "EMAIL" => @user.email }}}
+          end.to change { @user.reload.subscribed_to_list }.from(false).to(true)
+        end.to change { @user.mail_chimp_id }.to(231546749)
+      end
+    end
+  end
+
+  context "for an existing user" do
+    before(:each) do
+      # user was updated 2:01 ago
+      pretend_now_is(Time.zone.now - 121.seconds) do
+        @user = Factory.build(:subscribed_user)
+        @user.stubs(:subscribe_to_list)
+        @user.save
+        @user.expects(:update_list_member).never
+      end
+    end
+
+    context "when they unsubscribe" do
+      it "should set subscribed_to_list to false" do
+        expect do
+          post :create, {
+            "key" => "abc123",
+            "type" => "unsubscribe",
+            "data" => {
+              "list_id" => "abc123",
+              "web_id" => "123",
+              "merges" => {
+                "EMAIL" => @user.email }}}
+        end.to change { @user.reload.subscribed_to_list }.from(true).to(false)
+      end
+    end
+
+    context "when they change their email" do
+      it "should update the user email" do
+        expect do
+          post :create, {
+            "key" => "abc123",
+            "type" => "upemail",
+            "data" => {
+              "list_id" => "abc123",
+              "new_email" => "my.new@email.com",
+              "old_email" => @user.email }}
+        end.to change { @user.reload.email }.to("my.new@email.com")
+      end
+    end
+
+    context "when they change their profile information" do
+      it "should update the attributes defined in the merge vars config" do
+        expect do
+          expect do
+            expect do
+              post :create, {
+                "key" => "abc123",
+                "type" => "profile",
+                "data" => {
+                  "list_id" => "abc123",
+                  "web_id" => "123",
+                  "merges" => {
+                    "EMAIL" => "my.new@email.com",
+                    "FNAME" => "John",
+                    "LNAME" => "Locke" }}}
+            end.to change { @user.reload.email }.to("my.new@email.com")
+          end.to change { @user.first_name }.to("John")
+        end.to change { @user.last_name }.to("Locke")
+      end
+    end
+  end
+end

data/spec/dummy/Rakefile

@@ -0,0 +1,7 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+require 'rake'
+
+Dummy::Application.load_tasks

data/spec/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,3 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+end

data/spec/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/dummy/app/models/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  subscribed_to :mailing_list
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag :all %>
+  <%= javascript_include_tag :defaults %>
+  <%= csrf_meta_tag %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/spec/dummy/config/application.rb

@@ -0,0 +1,45 @@
+require File.expand_path('../boot', __FILE__)
+
+require "active_model/railtie"
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_view/railtie"
+require "action_mailer/railtie"
+
+Bundler.require
+require "subscribed_to"
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Custom directories with classes and modules you want to be autoloadable.
+    # config.autoload_paths += %W(#{config.root}/extras)
+
+    # Only load the plugins named here, in the order given (default is alphabetical).
+    # :all can be used as a placeholder for all plugins not explicitly named.
+    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+    # Activate observers that should always be running.
+    # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # JavaScript files you want as :defaults (application.js is always included).
+    # config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
+
+    # Configure the default encoding used in templates for Ruby 1.9.
+    config.encoding = "utf-8"
+
+    # Configure sensitive parameters which will be filtered from the log file.
+    config.filter_parameters += [:password]
+  end
+end

data/spec/dummy/config/boot.rb

@@ -0,0 +1,10 @@
+require 'rubygems'
+gemfile = File.expand_path('../../../../Gemfile', __FILE__)
+
+if File.exist?(gemfile)
+  ENV['BUNDLE_GEMFILE'] = gemfile
+  require 'bundler'
+  Bundler.setup
+end
+
+$:.unshift File.expand_path('../../../../lib', __FILE__)

data/spec/dummy/config/database.yml

@@ -0,0 +1,22 @@
+# SQLite version 3.x
+#   gem install sqlite3
+development:
+  adapter: sqlite3
+  database: db/development.sqlite3
+  pool: 5
+  timeout: 5000
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  adapter: sqlite3
+  database: db/test.sqlite3
+  pool: 5
+  timeout: 5000
+
+production:
+  adapter: sqlite3
+  database: db/production.sqlite3
+  pool: 5
+  timeout: 5000

data/spec/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the rails application
+require File.expand_path('../application', __FILE__)
+
+# Initialize the rails application
+Dummy::Application.initialize!

data/spec/dummy/config/environments/development.rb

@@ -0,0 +1,26 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # In the development environment your application's code is reloaded on
+  # every request.  This slows down response time but is perfect for development
+  # since you don't have to restart the webserver when you make code changes.
+  config.cache_classes = false
+
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_view.debug_rjs             = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger
+  config.active_support.deprecation = :log
+
+  # Only use best-standards-support built into browsers
+  config.action_dispatch.best_standards_support = :builtin
+end
+