usman 0.1.6dev2 → 0.2.0

data/app/controllers/usman/user_roles_controller.rb

@@ -0,0 +1,141 @@
+module Usman
+  class UserRolesController < ResourceController
+
+    before_action :require_site_admin
+    before_action :get_role
+    
+    def index
+      get_collections
+      respond_to do |format|
+        format.html {}
+        format.js  { 
+          js_view_path = @resource_options && @resource_options[:js_view_path] ? "#{@resource_options[:js_view_path]}/index" : :index 
+          render js_view_path
+        }
+      end
+    end
+
+    def show
+      @user = @r_object = @resource_options[:class].find_by_id(params[:id])
+      set_notification(false, I18n.t('status.error'), I18n.t('status.not_found', item: default_item_name.titleize)) unless @r_object
+      render_accordingly
+    end
+
+    def new
+      @user = User.new
+      render_accordingly
+    end
+
+    def create
+      @user = @r_object = User.find_by_id(permitted_params[:id])
+      if @user.add_role(@role)
+        set_notification(true, I18n.t('status.success'), "Role '#{@role.name}' has been assigned to the user '#{@user.name}'")
+      else
+        set_notification(false, I18n.t('status.success'), "Failed to assign the Role '#{@role.name}'")
+      end
+      action_name = params[:action].to_s == "create" ? "new" : "edit"
+      render_or_redirect(false, resource_url(@r_object), action_name)
+    end
+
+    def destroy
+      @user = @r_object = User.find_by_id(params[:id])
+      if @user
+        if @user.remove_role(@role)
+          get_collections
+          set_flash_message(I18n.t('success.deleted'), :success)
+          set_notification(true, I18n.t('status.success'), "Role '#{@role.name}' has been removed for the user '#{@user.name}'")
+          @destroyed = true
+        else
+          message = I18n.t('errors.failed_to_delete', item: default_item_name.titleize)
+          set_flash_message(message, :failure)
+          set_notification(false, I18n.t('status.success'), "Failed to remove the Role '#{@role.name}'")
+          @destroyed = false
+        end
+      else
+        set_notification(false, I18n.t('status.error'), I18n.t('status.not_found', item: default_item_name.titleize))
+      end
+
+      respond_to do |format|
+        format.html {}
+        format.js  { 
+          js_view_path = @resource_options && @resource_options[:js_view_path] ? "#{@resource_options[:js_view_path]}/destroy" : :destroy 
+          render js_view_path
+        }
+      end
+
+    end
+
+    private
+
+    def get_role
+      @role = Role.find_by_id(params[:role_id])
+    end
+
+    def get_collections
+      @relation = @role.users.where("")
+
+      parse_filters
+      apply_filters
+      
+      @users = @r_objects = @relation.page(@current_page).per(@per_page)
+      
+      return true
+    end
+
+    def apply_filters
+      @relation = @relation.search(@query) if @query
+      
+      @order_by = "name ASC" unless @order_by
+      @relation = @relation.order(@order_by)
+    end
+
+    def configure_filter_settings
+      @filter_settings = {
+        string_filters: [
+          { filter_name: :query }
+        ],
+        boolean_filters: [],
+        reference_filters: [],
+        variable_filters: [],
+      }
+    end
+
+    def configure_filter_ui_settings
+      @filter_ui_settings = {}
+    end
+
+    def resource_url(obj)
+      url_for([@role, obj])
+    end
+
+    def resource_controller_configuration
+      {
+        collection_name: :users,
+        item_name: :user,
+        class: User,
+        show_modal_after_create: false,
+        show_modal_after_update: false,
+        page_title: "Manage User Roles",
+        js_view_path: "/kuppayam/workflows/parrot",
+        view_path: "/usman/user_roles"
+      }
+    end
+
+    def breadcrumbs_configuration
+      {
+        heading: "Manage User Roles",
+        description: "Listing all User Roles",
+        links: [{name: "Home", link: dashboard_path, icon: 'fa-home'}]
+      }
+    end
+
+    def permitted_params
+      params.require(:user).permit(:id)
+    end
+
+    def set_navs
+      set_nav("admin/roles/user_roles")
+    end
+
+  end
+end

data/app/controllers/usman/users_controller.rb

@@ -0,0 +1,133 @@
+module Usman
+  class UsersController < ResourceController
+
+    before_action :require_site_admin
+    
+    def make_super_admin
+      @user = @r_object = User.find(params[:id])
+      if @user
+        @user.super_admin = true
+        if @user.valid?
+          @user.save
+          set_notification(true, I18n.t('status.success'), I18n.t('state.changed', item: default_item_name.titleize, new_state: @user.status))
+        else
+          set_notification(false, I18n.t('status.error'), I18n.translate("error"), @user.errors.full_messages.join("<br>"))
+        end
+      else
+        set_notification(false, I18n.t('status.not_found'), I18n.t('status.not_found', item: default_item_name.titleize))
+      end
+      render_row
+    end
+
+    def remove_super_admin
+      @user = @r_object = User.find(params[:id])
+      if @user
+        @user.super_admin = false
+        if @user.valid?
+          @user.save
+          set_notification(true, I18n.t('status.success'), I18n.t('state.changed', item: default_item_name.titleize, new_state: @user.status))
+        else
+          set_notification(false, I18n.t('status.error'), I18n.translate("error"), @user.errors.full_messages.join("<br>"))
+        end
+      else
+        set_notification(false, I18n.t('status.not_found'), I18n.t('status.not_found', item: default_item_name.titleize))
+      end
+      render_row
+    end
+
+    def masquerade
+      @user = @r_object = User.find(params[:id])
+      masquerade_as_user(@user)
+    end
+
+    private
+
+    def get_collections
+      # Fetching the users
+      @relation = User.includes(:profile_picture).where("")
+
+      parse_filters
+      apply_filters
+      
+      @users = @r_objects = @relation.page(@current_page).per(@per_page)
+
+      return true
+    end
+
+    def apply_filters
+      @relation = @relation.search(@query) if @query
+      @relation = @relation.status(@status) if @status
+      
+      # Normal users should not be able to view super admins
+      # He should not be seeing admins even while searching
+      if @current_user.super_admin?
+        @relation = @relation.where("super_admin IS #{@super_admin.to_s.upcase}") if @super_admin.nil? == false && @query.nil?
+      else
+        @relation = @relation.where("super_admin IS FALSE")
+      end
+
+      @order_by = "created_at desc" unless @order_by
+      @relation = @relation.order(@order_by)
+    end
+
+    def configure_filter_settings
+      @filter_settings = {
+        string_filters: [
+          { filter_name: :query },
+          { filter_name: :status }
+        ],
+
+        boolean_filters: [
+          { filter_name: :super_admin, options: {default: false }}
+        ],
+
+        reference_filters: [],
+        variable_filters: [],
+      }
+    end
+
+    def configure_filter_ui_settings
+      @filter_ui_settings = {
+        status: {
+          object_filter: false,
+          select_label: "Select Status",
+          display_hash: User::STATUS,
+          current_value: @status,
+          values: User::STATUS_REVERSE,
+          current_filters: @filters,
+          filters_to_remove: [],
+          filters_to_add: {},
+          url_method_name: 'users_url',
+          show_all_filter_on_top: true
+        }
+      }
+    end
+
+    def resource_controller_configuration
+      {
+        page_title: "Users",
+        js_view_path: "/kuppayam/workflows/peacock",
+        view_path: "/usman/users"
+      }
+    end
+
+    def breadcrumbs_configuration
+      {
+        heading: "Manage Users",
+        icon: "fa-user",
+        description: "Listing all Users",
+        links: [{name: "Home", link: dashboard_path, icon: 'fa-home'}, 
+                  {name: "Manage Users", link: users_path, icon: 'fa-user', active: true}]
+      }
+    end
+
+    def permitted_params
+      params.require(:user).permit(:name, :username, :email, :designation, :phone, :password, :password_confirmation)
+    end
+
+    def set_navs
+      set_nav("admin/users")
+    end
+
+  end
+end

data/app/helpers/usman/api_helper.rb

@@ -0,0 +1,79 @@
+module Usman
+  module ApiHelper
+
+    def current_user
+      # Return if @current_user is already initialized else check if the user exists with the auth token present in request header
+      @current_user ||= authenticate_with_http_token { |token, options| User.find_by(auth_token: token)}
+    end
+
+    def require_auth_token
+      current_user
+      unless @current_user
+        proc_code = Proc.new do
+          set_notification_messages("authentication.permission_denied", :error)
+          raise AuthenticationError
+        end
+        render_json_response(proc_code)
+        return
+      end
+    end
+
+    def require_super_admin_auth_token
+      current_user
+      unless @current_user && @current_user.is_super_admin?
+        proc_code = Proc.new do
+          set_notification_messages("authentication.permission_denied", :error)
+          raise AuthenticationError
+        end
+        render_json_response(proc_code)
+        return
+      end
+    end
+
+    def require_admin_auth_token
+      current_user
+      unless @current_user && @current_user.is_admin?
+        proc_code = Proc.new do
+          set_notification_messages("authentication.permission_denied", :error)
+          raise AuthenticationError
+        end
+        render_json_response(proc_code)
+        return
+      end
+    end
+
+    def embed_stack_in_json_response?
+      ["true", "t", "1", "yes"].include?(params[:debug].to_s.downcase.strip) # || Rails.env == "development"
+    end
+
+    ## This method will accept a proc, execute it and render the json
+    def render_json_response(proc_code)
+
+      begin
+        proc_code.call
+        @success = @success == false ? (false) : (true)
+      rescue Exception => e
+        @success = false
+        @errors = { 
+                    heading: I18n.translate("response.unexpected_failure.heading"),
+                    message: e.message.underscore,
+                    details: I18n.translate("response.#{e.message.underscore}.details"),
+                    stacktrace: (embed_stack_in_json_response? ? e.backtrace : nil)
+                  }
+      end
+      @status ||= 200
+
+      response_hash = {success: @success}
+      response_hash[:alert] = @alert unless @alert.blank?
+      response_hash[:data] = @data unless @data.blank?
+      response_hash[:errors] = @errors unless @errors.blank?
+      
+      response_hash[:total_data] = @total_data unless @total_data.blank?
+      response_hash[:per_page] = @per_page unless @per_page.blank?
+      response_hash[:current_page] = @current_page unless @current_page.blank?
+
+      render status: @status, json: response_hash
+      return
+    end
+  end
+end

data/app/helpers/usman/authentication_helper.rb

@@ -11,13 +11,6 @@ module Usman
     # Returns the default URL to which the system should redirect the user after successful authentication
     def default_redirect_url_after_sign_in
       main_app.user_landing_url
-      # if @current_user.has_role?("Admin")
-      #   main_app.admin_dashboard_url
-      # elsif @current_user.has_role?("Admin")
-      #   main_app.store_dashboard_url
-      # else
-      #   main_app.admin_dashboard_url
-      # end
     end
 
     # Returns the default URL to which the system should redirect the user after an unsuccessful attempt to authorise a resource/page
@@ -109,6 +102,27 @@ module Usman
       end
     end
 
+    def require_site_admin
+      return true if @current_user && @current_user.super_admin?
+      unless @current_user && @current_user.has_role?("Site Admin")
+        respond_to do |format|
+          format.html {
+            #text = "#{I18n.t("authentication.permission_denied.heading")}: #{I18n.t("authentication.permission_denied.message")}"
+            #set_flash_message(text, :error, false) if defined?(flash) && flash
+            redirect_after_unsuccessful_authentication
+          }
+          format.js {
+            @params_hsh = {}
+            @params_hsh[:client_app] = params[:client_app] if params[:client_app]
+            @params_hsh[:redirect_back_url] = params[:redirect_back_url] if params[:redirect_back_url]
+            @params_hsh[:requested_url] = request.original_url if request.get?
+            
+            render(:partial => 'usman/sessions/sign_in.js.erb', :handlers => [:erb], :formats => [:js])
+          }
+        end
+      end
+    end
+
     # This method is only used for masquerading. When admin masquerade as user A and then as B, when he logs out as B he should be logged in back as A
     # This is accomplished by storing the last user id in session and activating it when user is logged off
     def restore_last_user

data/app/models/device.rb

@@ -0,0 +1,149 @@
+class Device < ApplicationRecord
+  
+  # Constants
+  PENDING = "pending"
+  VERIFIED = "verified"
+  BLOCKED = "blocked"
+  
+  STATUS = { 
+    PENDING => "Pending", 
+    VERIFIED => "Verified",
+    BLOCKED => "Blocked"
+  }
+
+  STATUS_REVERSE = { 
+    "Pending" => PENDING,
+    "Verified" => VERIFIED,
+    "Blocked" => BLOCKED
+  }
+  
+	# Associations
+  belongs_to :user, optional: true
+  belongs_to :registration
+
+  # Validations
+  validates :uuid, presence: true, length: {maximum: 1024}
+  validates :device_token, presence: true, length: {maximum: 1024}
+  
+  validates :device_name, allow_blank: true, length: {maximum: 64}
+  validates :device_type, allow_blank: true, length: {maximum: 64}
+  validates :operating_system, allow_blank: true, length: {maximum: 64}
+  validates :software_version, allow_blank: true, length: {maximum: 64}
+  validates :last_accessed_api, allow_blank: true, length: {maximum: 1024}
+
+  validates :otp, allow_blank: true, length: {minimum: 5, maximum: 5}
+  validates :api_token, allow_blank: true, length: {maximum: 256}
+
+  validates :status, :presence => true, :inclusion => {:in => STATUS.keys, :presence_of => :status, :message => "%{value} is not a valid status" }
+
+  # ------------------
+  # Class Methods
+  # ------------------
+
+  # return an active record relation object with the search query in its where clause
+  # Return the ActiveRecord::Relation object
+  # == Examples
+  #   >>> device.search(query)
+  #   => ActiveRecord::Relation object
+  scope :search, lambda {|query| joins("INNER JOIN registrations on registrations.id = devices.registration_id
+                                        LEFT JOIN users on users.id = devices.user_id").
+                                 where("LOWER(devices.uuid) LIKE LOWER('%#{query}%') OR 
+                                        LOWER(devices.device_token) LIKE LOWER('%#{query}%') OR 
+                                        LOWER(devices.device_name) LIKE LOWER('%#{query}%') OR 
+                                        LOWER(devices.device_type) LIKE LOWER('%#{query}%') OR 
+                                        LOWER(registrations.mobile_number) LIKE LOWER('%#{query}%') OR 
+                                        LOWER(users.name) LIKE LOWER('%#{query}%')")}
+  scope :status, lambda { |status| where("LOWER(status)='#{status}'") }
+
+  scope :pending, -> { where(status: PENDING) }
+  scope :verified, -> { where(status: VERIFIED) }
+  scope :blocked, -> { where(status: BLOCKED) }
+
+  # ------------------
+  # Instance Methods
+  # ------------------
+
+  # Status Methods
+  # --------------
+
+  # * Return true if the user is pending, else false.
+  # == Examples
+  #   >>> device.pending?
+  #   => true
+  def pending?
+    (status == PENDING)
+  end
+
+  # * Return true if the user is not verified, else false.
+  # == Examples
+  #   >>> device.verified?
+  #   => true
+  def verified?
+    (status == VERIFIED)
+  end
+
+  # * Return true if the user is not blocked, else false.
+  # == Examples
+  #   >>> device.blocked?
+  #   => true
+  def blocked?
+    (status == BLOCKED)
+  end
+
+  # change the status to :pending
+  # Return the status
+  # == Examples
+  #   >>> device.pending!
+  #   => "pending"
+  def pending!
+    self.update_attribute(:status, PENDING)
+  end
+
+  # change the status to :verified
+  # Return the status
+  # == Examples
+  #   >>> device.verify!
+  #   => "verified"
+  def verify!
+    self.update_attribute(:status, VERIFIED)
+  end
+
+  # change the status to :blocked
+  # Return the status
+  # == Examples
+  #   >>> device.block!
+  #   => "blocked"
+  def block!
+    self.update_attribute(:status, BLOCKED)
+  end
+
+  # Permission Methods
+  # ------------------
+
+  def can_be_edited?
+    false
+  end
+
+  def can_be_deleted?
+    false
+  end
+
+  # Authentication Methods
+  # ----------------------
+
+  def generate_otp
+    self.otp = rand(10000..99999)
+  end
+
+  # Other Methods
+  # -------------
+
+  # * Return full name
+  # == Examples
+  #   >>> device.display_mobile_number
+  #   => "+919880123456"
+  def display_name
+    "#{self.device_name} - #{self.uuid}"
+  end
+	
+end

data/app/models/feature.rb

@@ -44,21 +44,25 @@ class Feature < Usman::ApplicationRecord
   scope :published, -> { where(status: PUBLISHED) }
   scope :disabled, -> { where(status: DISABLED) }
 
-  def self.save_row_data(row)
+  def self.save_row_data(hsh)
 
-    row.headers.each{ |cell| row[cell] = row[cell].to_s.strip }
+    return if hsh[:name].blank?
 
-    return if row[:name].blank?
-
-    feature = Feature.find_by_name(row[:name]) || Feature.new
-    feature.name = row[:name]
+    feature = Feature.find_by_name(hsh[:name]) || Feature.new
+    feature.name = hsh[:name]
     feature.status = Feature::UNPUBLISHED
     
     # Initializing error hash for displaying all errors altogether
     error_object = Kuppayam::Importer::ErrorHash.new
 
     if feature.valid?
-      feature.save!
+      begin
+        feature.save!
+      rescue Exception => e
+        summary = "uncaught #{e} exception while handling connection: #{e.message}"
+        details = "Stack trace: #{e.backtrace.map {|l| "  #{l}\n"}.join}"
+        error_object.errors << { summary: summary, details: details }        
+      end
     else
       summary = "Error while saving feature: #{feature.name}"
       details = "Error! #{feature.errors.full_messages.to_sentence}"

data/app/models/permission.rb

@@ -27,25 +27,23 @@ class Permission < Usman::ApplicationRecord
                                         LOWER(f.name) LIKE LOWER('%#{query}%')")}
 
 
-  def self.save_row_data(row)
+  def self.save_row_data(hsh)
 
-    row.headers.each{ |cell| row[cell] = row[cell].to_s.strip }
-
-    return if row[:user].blank? || row[:feature].blank?
+    return if hsh[:user].blank? || hsh[:feature].blank?
 
     # Initializing error hash for displaying all errors altogether
     error_object = Kuppayam::Importer::ErrorHash.new
 
-    user = User.find_by_username(row[:user])
+    user = User.find_by_username(hsh[:user])
     unless user
-      summary = "User '#{row[:user]}' doesn't exist"
+      summary = "User '#{hsh[:user]}' doesn't exist"
       error_object.errors << { summary: summary }
       return error_object
     end
 
-    feature = Feature.find_by_name(row[:feature])
+    feature = Feature.find_by_name(hsh[:feature])
     unless feature
-      summary = "Feature '#{row[:feature]}' doesn't exist"
+      summary = "Feature '#{hsh[:feature]}' doesn't exist"
       error_object.errors << { summary: summary }
       return error_object
     end
@@ -53,13 +51,19 @@ class Permission < Usman::ApplicationRecord
     permission = Permission.where("user_id = ? AND feature_id = ?", user.id, feature.id).first || Permission.new
     permission.user = user
     permission.feature = feature
-    permission.can_create = row[:can_create]
-    permission.can_read = row[:can_read]
-    permission.can_update = row[:can_update]
-    permission.can_delete = row[:can_delete]
+    permission.can_create = hsh[:can_create]
+    permission.can_read = hsh[:can_read]
+    permission.can_update = hsh[:can_update]
+    permission.can_delete = hsh[:can_delete]
     
     if permission.valid?
-      permission.save!
+      begin
+        permission.save!
+      rescue Exception => e
+        summary = "uncaught #{e} exception while handling connection: #{e.message}"
+        details = "Stack trace: #{e.backtrace.map {|l| "  #{l}\n"}.join}"
+        error_object.errors << { summary: summary, details: details }        
+      end
     else
       summary = "Error while saving permission: #{user.name} - #{feature.name}"
       details = "Error! #{permission.errors.full_messages.to_sentence}"