uffizzi_core 0.8.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8dea69b2a59531600dfb66428f656f48199aca57b46090feb7908c4c2649d6a0
-  data.tar.gz: '0049394671ce7727844814ebe46a671a9a1d420063546d5d12faf1d61748f5bb'
+  metadata.gz: 9e845782f77d940f0bf244d792b59cab89df2712937e6b77f3bec3bc62653f3b
+  data.tar.gz: eb8a760d66cbdc40b7e441a783870483ca3c72ffe8fa212e4ee93aa9c9718bf1
 SHA512:
-  metadata.gz: 278c7ce3923efa9d4db4476eb3ddad88c28b664af7fbf75a0c7547921d478ad6860fd7ea5987932bbcdcf1d01a418c55bac388a864e1f186468d3ec163f911cf
-  data.tar.gz: 83927e7d75d0e926cc1d42f16f31c9e086de1daedd33cb1315b60e118896f9d90b3ee102893ef7e9716e7e354c793610e609ae64aaf7be1657694fe166a62480
+  metadata.gz: 4e6093cb8c244cf7c22044add288ee501c94968436407d2138c32763806266d4877d6c915464cc988d868e91ac0ae50e47fac05408e7e2d432638bfd15929a0e
+  data.tar.gz: 29c118eb1355950bf9ce5c590e4562490dec59fc1ca9cbbb4028d504f2a28b7cc155fd471f74948796a0f213cabe4c68330921dd9a6caa24ac41247e3f139bf6

data/app/contexts/uffizzi_core/account_context.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class UffizziCore::AccountContext
+  attr_reader :user, :user_access_module, :account, :params
+
+  def initialize(user, user_access_module, account, params)
+    @user = user
+    @user_access_module = user_access_module
+    @account = account
+    @params = params
+  end
+end

data/app/contexts/uffizzi_core/base_context.rb

@@ -1,12 +1,11 @@
 # frozen_string_literal: true
 
 class UffizziCore::BaseContext
-  attr_reader :user, :user_access_module, :params, :account
+  attr_reader :user, :user_access_module, :params
 
   def initialize(user, user_access_module, params)
     @user = user
     @user_access_module = user_access_module
-    @account = user.organizational_account
     @params = params
   end
 end

data/app/contexts/uffizzi_core/project_context.rb

@@ -3,10 +3,10 @@
 class UffizziCore::ProjectContext
   attr_reader :user, :user_access_module, :project, :account, :params
 
-  def initialize(user, user_access_module, project, params)
+  def initialize(user, user_access_module, project, account, params)
     @user = user
     @user_access_module = user_access_module
-    @account = user.organizational_account
+    @account = account
     @project = project
     @params = params
   end

data/app/controllers/concerns/uffizzi_core/dependency_injection_concern.rb

@@ -15,6 +15,12 @@ module UffizziCore::DependencyInjectionConcern
     module_class(:volume_parser)
   end
 
+  def ci_session
+    return unless module_exists?(:ci_session)
+
+    module_class(:ci_session)
+  end
+
   def password_protection_module
     return unless module_exists?(:password_protection)
 

data/app/controllers/uffizzi_core/api/cli/v1/accounts/application_controller.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Accounts::ApplicationController < UffizziCore::Api::Cli::V1::ApplicationController
+  def resource_account
+    @resource_account ||= current_user.accounts.find(params[:account_id])
+  end
+
+  def policy_context
+    UffizziCore::AccountContext.new(current_user, user_access_module, resource_account, params)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/{account → accounts}/credentials_controller.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
 # @resource Account/Credential
-class UffizziCore::Api::Cli::V1::Account::CredentialsController < UffizziCore::Api::Cli::V1::Account::ApplicationController
-  before_action :authorize_uffizzi_core_api_cli_v1_account_credentials
+class UffizziCore::Api::Cli::V1::Accounts::CredentialsController < UffizziCore::Api::Cli::V1::Accounts::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_accounts_credentials
 
   # Get a list of accounts credential
   #

data/app/controllers/uffizzi_core/api/cli/v1/accounts/projects_controller.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+# @resource Project
+
+class UffizziCore::Api::Cli::V1::Accounts::ProjectsController < UffizziCore::Api::Cli::V1::Accounts::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_accounts_projects
+
+  # Create a project
+  #
+  # @path [POST] /api/cli/v1/accounts/{account_id}/projects
+  # @parameter params(required,body) [object<name: string, slug: string, description: string>]
+  #
+  # @response <object< project: Project>> 200 OK
+  # @response 404 Not Found
+  # @response 401 Not authorized
+  # @response [object<errors: object<password: string >>] 422 Unprocessable entity
+
+  def create
+    project_form = UffizziCore::Api::Cli::V1::Project::CreateForm.new(project_params)
+    project_form.account = current_user.organizational_account
+
+    if project_form.save
+      UffizziCore::ProjectService.add_users_to_project!(project_form, current_user)
+    end
+
+    respond_with project_form
+  end
+
+  private
+
+  def project_params
+    params.require(:project)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/ci/application_controller.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Ci::ApplicationController < UffizziCore::Api::Cli::V1::ApplicationController
+  before_action :authenticate_request!
+end

data/app/controllers/uffizzi_core/api/cli/v1/ci/sessions_controller.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# @resource Uffizzi
+
+class UffizziCore::Api::Cli::V1::Ci::SessionsController < UffizziCore::Api::Cli::V1::Ci::ApplicationController
+  skip_before_action :authenticate_request!, only: [:create]
+
+  # Create session
+  #
+  # @path [POST] /api/cli/v1/github/session
+  #
+  # @parameter user(required,body)   [object<token: string >]
+  # @response [object<account_id: string, project_slug: string>] 201 Created successfully
+  # @response [object<errors: object<token: string >>] 422 Unprocessable entity
+  def create
+    return render json: { errors: { title: [I18n.t('session.unsupported_login_type')] } }, status: :unprocessable_entity unless ci_session
+
+    session_data, errors = ci_session.session_data_from_ci(user_params)
+    return render json: { errors: errors }, status: :unprocessable_entity if errors.present?
+
+    sign_in(session_data[:user])
+
+    data = {
+      account_id: session_data[:account_id],
+      project_slug: session_data[:project_slug],
+    }
+
+    render json: data, status: :created
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:token)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/application_controller.rb

@@ -5,7 +5,11 @@ class UffizziCore::Api::Cli::V1::Projects::ApplicationController < UffizziCore::
     @resource_project ||= current_user.projects.find_by!(slug: params[:project_slug])
   end
 
+  def resource_account
+    @resource_account ||= resource_project.account
+  end
+
   def policy_context
-    UffizziCore::ProjectContext.new(current_user, user_access_module, resource_project, params)
+    UffizziCore::ProjectContext.new(current_user, user_access_module, resource_project, resource_account, params)
   end
 end

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments/activity_items_controller.rb

@@ -15,7 +15,14 @@ class UffizziCore::Api::Cli::V1::Projects::Deployments::ActivityItemsController
   # @response 401 Not authorized
   # @response 404 Not found
   def index
-    activity_items = resource_deployment
+    deployment = resource_project.deployments.existed.find(params[:deployment_id])
+
+    unless deployment.active?
+      return render json: { errors: { title: [I18n.t('deployment.invalid_state', state: deployment.state)] } },
+                    status: :unprocessable_entity
+    end
+
+    activity_items = deployment
       .activity_items
       .page(page)
       .per(per_page)

data/app/controllers/uffizzi_core/api/cli/v1/projects_controller.rb

@@ -25,30 +25,7 @@ class UffizziCore::Api::Cli::V1::ProjectsController < UffizziCore::Api::Cli::V1:
   # @response 404 Not Found
   # @response 401 Not authorized
   def show
-    project = current_user.projects.find_by!(slug: params[:slug])
-
-    respond_with project
-  end
-
-  # Create a project
-  #
-  # @path [POST] /api/cli/v1/projects
-  # @parameter params(required,body) [object<name: string, slug: string, description: string>]
-  #
-  # @response <object< project: Project>> 200 OK
-  # @response 404 Not Found
-  # @response 401 Not authorized
-  # @response [object<errors: object<password: string >>] 422 Unprocessable entity
-
-  def create
-    project_form = UffizziCore::Api::Cli::V1::Project::CreateForm.new(project_params)
-    project_form.account = current_user.organizational_account
-
-    if project_form.save
-      UffizziCore::ProjectService.add_users_to_project!(project_form, current_user)
-    end
-
-    respond_with project_form
+    respond_with resource_project
   end
 
   # Delete a project
@@ -60,8 +37,7 @@ class UffizziCore::Api::Cli::V1::ProjectsController < UffizziCore::Api::Cli::V1:
   # @response 401 Not authorized
 
   def destroy
-    project = current_user.organizational_account.active_projects.find_by!(slug: params[:slug])
-    project.disable!
+    resource_project.disable!
 
     head :no_content
   end
@@ -71,4 +47,14 @@ class UffizziCore::Api::Cli::V1::ProjectsController < UffizziCore::Api::Cli::V1:
   def project_params
     params.require(:project)
   end
+
+  def resource_project
+    @resource_project ||= current_user.projects.find_by(slug: params[:slug])
+  end
+
+  def policy_context
+    account = resource_project&.account || current_user.organizational_account
+
+    UffizziCore::AccountContext.new(current_user, user_access_module, account, params)
+  end
 end

data/app/controllers/uffizzi_core/application_controller.rb

@@ -19,10 +19,16 @@ class UffizziCore::ApplicationController < ActionController::Base
     render_not_found(exception)
   end
 
+  rescue_from Pundit::NotAuthorizedError, with: :render_not_authorized
+
   before_action :authenticate_request!
   skip_before_action :verify_authenticity_token
   respond_to :json
 
+  def render_not_authorized
+    render json: { errors: { title: [I18n.t('session.unauthorized')] } }, status: :forbidden
+  end
+
   def policy_context
     UffizziCore::BaseContext.new(current_user, user_access_module, params)
   end

data/app/lib/uffizzi_core/concerns/models/account.rb

@@ -24,7 +24,6 @@ module UffizziCore::Concerns::Models::Account
     has_many :projects, dependent: :destroy
     has_many :deployments, through: :projects
     has_many :payments, dependent: :destroy
-    has_many :invitations, as: :entityable
 
     aasm(:state) do
       state :active, initial: true

data/app/lib/uffizzi_core/concerns/models/project.rb

@@ -16,7 +16,6 @@ module UffizziCore::Concerns::Models::Project
     has_many :deployments, dependent: :destroy
     has_many :user_projects, dependent: :destroy
     has_many :users, through: :user_projects
-    has_many :invitations, as: :entityable
     has_many :config_files, dependent: :destroy
     has_many :templates, dependent: :destroy
     has_many :credentials, through: :account

data/app/lib/uffizzi_core/concerns/models/user_project.rb

@@ -8,7 +8,7 @@ module UffizziCore::Concerns::Models::UserProject
 
     self.table_name = UffizziCore.table_names[:user_projects]
 
-    enumerize :role, in: UffizziCore.user_project_roles, predicates: true
+    enumerize :role, in: UffizziCore.user_project_roles, predicates: true, scope: true
     validates :role, presence: true
 
     belongs_to :user

data/app/models/uffizzi_core/project.rb

@@ -8,6 +8,7 @@
 # @property secrets [string]
 # @property default_compose [object<source: string>]
 # @property deployments [object<id: integer, domain: string>]
+# @property account [object<id: integer, kind: string, state: string>]
 
 class UffizziCore::Project < UffizziCore::ApplicationRecord
   include UffizziCore::Concerns::Models::Project

data/app/policies/uffizzi_core/api/cli/v1/{account → accounts}/credentials_policy.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class UffizziCore::Api::Cli::V1::Account::CredentialsPolicy < UffizziCore::ApplicationPolicy
+class UffizziCore::Api::Cli::V1::Accounts::CredentialsPolicy < UffizziCore::ApplicationPolicy
   def index?
     context.user_access_module.admin_access_to_account?(context.user, context.account)
   end

data/app/policies/uffizzi_core/api/cli/v1/accounts/projects_policy.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Accounts::ProjectsPolicy < UffizziCore::ApplicationPolicy
+  def create?
+    context.user_access_module.admin_or_developer_access_to_account?(context.user, context.account)
+  end
+end

data/app/policies/uffizzi_core/api/cli/v1/projects_policy.rb

@@ -9,10 +9,6 @@ class UffizziCore::Api::Cli::V1::ProjectsPolicy < UffizziCore::ApplicationPolicy
     context.user_access_module.any_access_to_account?(context.user, context.account)
   end
 
-  def create?
-    context.user_access_module.admin_or_developer_access_to_account?(context.user, context.account)
-  end
-
   def destroy?
     context.user_access_module.admin_or_developer_access_to_account?(context.user, context.account)
   end

data/app/serializers/uffizzi_core/api/cli/v1/{account → accounts}/credential_serializer.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class UffizziCore::Api::Cli::V1::Account::CredentialSerializer < UffizziCore::BaseSerializer
+class UffizziCore::Api::Cli::V1::Accounts::CredentialSerializer < UffizziCore::BaseSerializer
   attributes :id, :username, :password, :type, :state
 
   def password

data/app/serializers/uffizzi_core/api/cli/v1/accounts/project_serializer.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Accounts::ProjectSerializer < UffizziCore::BaseSerializer
+  type :project
+
+  attributes :name,
+             :slug,
+             :account_id,
+             :description,
+             :created_at
+end

data/app/serializers/uffizzi_core/api/cli/v1/project_serializer/account_serializer.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::ProjectSerializer::AccountSerializer < UffizziCore::BaseSerializer
+  attributes :id, :kind, :state, :name
+end

data/app/serializers/uffizzi_core/api/cli/v1/project_serializer.rb

@@ -5,6 +5,7 @@ class UffizziCore::Api::Cli::V1::ProjectSerializer < UffizziCore::BaseSerializer
   has_many :deployments
   has_many :secrets
   has_one :default_compose
+  belongs_to :account
 
   attributes :name,
              :slug,

data/app/serializers/uffizzi_core/api/cli/v1/short_project_serializer.rb

@@ -3,5 +3,5 @@
 class UffizziCore::Api::Cli::V1::ShortProjectSerializer < UffizziCore::BaseSerializer
   type :project
 
-  attributes :name, :slug
+  attributes :name, :slug, :account_id
 end

data/app/serializers/uffizzi_core/api/cli/v1/user_serializer/account_serializer.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 class UffizziCore::Api::Cli::V1::UserSerializer::AccountSerializer < UffizziCore::BaseSerializer
-  attributes :id, :state
+  attributes :id, :kind, :state, :name
 end

data/config/locales/en.yml

@@ -70,3 +70,8 @@ en:
   secrets:
     duplicates_exists: Secret with key %{secrets} already exist.
     invalid_key_length: A secret key must be no longer than 256 characters.
+  deployment:
+    invalid_state: Deployment %{state}
+  session:
+    unsupported_login_type: This type of login is not supported
+    unauthorized: Unauthorized

data/config/routes.rb

@@ -7,7 +7,7 @@ UffizziCore::Engine.routes.draw do
   namespace :api, defaults: { format: :json } do
     namespace :cli do
       namespace :v1 do
-        resources :projects, only: ['index', 'show', 'create', 'destroy'], param: :slug do
+        resources :projects, only: ['index', 'show', 'destroy'], param: :slug do
           scope module: :projects do
             resource :compose_file, only: ['show', 'create', 'destroy']
             resources :deployments, only: ['index', 'show', 'create', 'destroy', 'update'] do
@@ -36,8 +36,13 @@ UffizziCore::Engine.routes.draw do
         end
         resource :session, only: ['create', 'destroy']
 
-        resource :account, only: [] do
-          scope module: :account do
+        namespace :ci do
+          resource :session, only: ['create']
+        end
+
+        resources :accounts, only: [] do
+          scope module: :accounts do
+            resources :projects, only: ['create']
             resources :credentials, only: ['index', 'create', 'update', 'destroy'], param: :type do
               member do
                 get :check_credential

data/lib/uffizzi_core/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module UffizziCore
-  VERSION = '0.8.0'
+  VERSION = '1.0.0'
 end

data/lib/uffizzi_core.rb

@@ -60,4 +60,5 @@ module UffizziCore
   }
   mattr_accessor :user_creation_sources, default: [:system, :online_registration, :google, :sso]
   mattr_accessor :user_project_roles, default: [:admin, :developer, :viewer]
+  mattr_accessor :account_sources, default: [:manual]
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: uffizzi_core
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Josh Thurman
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-25 00:00:00.000000000 Z
+date: 2022-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aasm
@@ -701,15 +701,19 @@ files:
 - app/clients/uffizzi_core/github_container_registry_client/request_result.rb
 - app/clients/uffizzi_core/google_registry_client.rb
 - app/clients/uffizzi_core/google_registry_client/request_result.rb
+- app/contexts/uffizzi_core/account_context.rb
 - app/contexts/uffizzi_core/base_context.rb
 - app/contexts/uffizzi_core/project_context.rb
 - app/contexts/uffizzi_core/webhooks_context.rb
 - app/controllers/concerns/uffizzi_core/auth_management.rb
 - app/controllers/concerns/uffizzi_core/authorization_concern.rb
 - app/controllers/concerns/uffizzi_core/dependency_injection_concern.rb
-- app/controllers/uffizzi_core/api/cli/v1/account/application_controller.rb
-- app/controllers/uffizzi_core/api/cli/v1/account/credentials_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/accounts/application_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/accounts/credentials_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/accounts/projects_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/application_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/ci/application_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/ci/sessions_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/application_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/compose_files_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/deployments/activity_items_controller.rb
@@ -774,7 +778,6 @@ files:
 - app/lib/uffizzi_core/concerns/models/credential.rb
 - app/lib/uffizzi_core/concerns/models/deployment.rb
 - app/lib/uffizzi_core/concerns/models/event.rb
-- app/lib/uffizzi_core/concerns/models/invitation.rb
 - app/lib/uffizzi_core/concerns/models/membership.rb
 - app/lib/uffizzi_core/concerns/models/payment.rb
 - app/lib/uffizzi_core/concerns/models/price.rb
@@ -817,7 +820,6 @@ files:
 - app/models/uffizzi_core/database_offering.rb
 - app/models/uffizzi_core/deployment.rb
 - app/models/uffizzi_core/event.rb
-- app/models/uffizzi_core/invitation.rb
 - app/models/uffizzi_core/membership.rb
 - app/models/uffizzi_core/payment.rb
 - app/models/uffizzi_core/price.rb
@@ -836,7 +838,8 @@ files:
 - app/models/uffizzi_core/template.rb
 - app/models/uffizzi_core/user.rb
 - app/models/uffizzi_core/user_project.rb
-- app/policies/uffizzi_core/api/cli/v1/account/credentials_policy.rb
+- app/policies/uffizzi_core/api/cli/v1/accounts/credentials_policy.rb
+- app/policies/uffizzi_core/api/cli/v1/accounts/projects_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/compose_files_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/deployments/activity_items_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/deployments/containers_policy.rb
@@ -864,8 +867,10 @@ files:
 - app/repositories/uffizzi_core/usage_repo.rb
 - app/repositories/uffizzi_core/user_repo.rb
 - app/responders/uffizzi_core/json_responder.rb
-- app/serializers/uffizzi_core/api/cli/v1/account/credential_serializer.rb
+- app/serializers/uffizzi_core/api/cli/v1/accounts/credential_serializer.rb
+- app/serializers/uffizzi_core/api/cli/v1/accounts/project_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/project_serializer.rb
+- app/serializers/uffizzi_core/api/cli/v1/project_serializer/account_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/project_serializer/compose_file_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/project_serializer/deployment_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/projects/compose_file_serializer.rb

data/app/controllers/uffizzi_core/api/cli/v1/account/application_controller.rb

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-class UffizziCore::Api::Cli::V1::Account::ApplicationController < UffizziCore::Api::Cli::V1::ApplicationController
-  def resource_account
-    @resource_account ||= current_user.organizational_account
-  end
-end

data/app/lib/uffizzi_core/concerns/models/invitation.rb

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-module UffizziCore::Concerns::Models::Invitation
-  extend ActiveSupport::Concern
-
-  included do
-    include AASM
-    include UffizziCore::StateMachineConcern
-    extend Enumerize
-
-    self.table_name = UffizziCore.table_names[:invitations]
-
-    enumerize :role, in: [:admin, :developer, :viewer], predicates: true
-
-    belongs_to :entityable, polymorphic: true
-    belongs_to :invited_by, class_name: UffizziCore::User.name, foreign_key: :invited_by_id
-    belongs_to :invitee, class_name: UffizziCore::User.name, foreign_key: :invitee_id, optional: true
-
-    validates :email, presence: true, 'uffizzi_core/email': true
-    validates :token, presence: true, uniqueness: true
-
-    aasm(:status) do
-      state :pending, initial: true
-      state :accepted
-
-      event :accept do
-        transitions from: :pending, to: :accepted
-      end
-    end
-  end
-end

data/app/models/uffizzi_core/invitation.rb

@@ -1,5 +0,0 @@
-# frozen_string_literal: true
-
-class UffizziCore::Invitation < UffizziCore::ApplicationRecord
-  include UffizziCore::Concerns::Models::Invitation
-end