virtuatable-core 1.2.2 → 1.3.0

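--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: b2c522c5694270544ff7aa08e434bc1af1978dbd4b8c5488eac48158e4ae18c7
- data.tar.gz: 8490c9d478c1cf2d2b505312bd8824ce67bc759fce490ea980517ac8ec4cf1df
+ metadata.gz: 13712af3f0db1598191b3a51bb599c93f512da5e074ef504288dc498f45602a4
+ data.tar.gz: c886c91f0698d97ebcfe6c0538ed35023e2472b03db28d625745794ac4a18c05
  SHA512:
- metadata.gz: 2dd843cd275f9f9d5b0ee563a500069fa0af65c0ea716ad470147b87acfa62b2d369e122b36080a976567dee381bf2a4625b27b4b17d9faa485315463d945fa8
- data.tar.gz: c0707af825058224eab8297cc92e370ed78be96ebe55876e99010c3a0603f3ea68f848e4f6171839a06a6241c36dcae7a4387cadb921f992f1a3dfc6116d38b6
+ metadata.gz: eec95c84abcc9093600b0d3d73279924e6d77095e246fad33a513868aaac08798dd2c4dc850406d47a93810deed2bc6750d0fd0f8349cbffaf72815223ab3280
+ data.tar.gz: c798211dda3d35be799be2ef21589a67e86dc1d646f6168e6f39d8ed4bc458b1a6418cecf04f15311e681cd41efd48d7fb5497f0e85baf11287196f2ba6a77c1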
@@ -10,10 +10,10 @@ module Core
10
10
  def application(premium: false)
11
11
  return @application unless @application.nil?
12
12
 
13
- check_presence 'app_key'
14
- @application = application_model.find_by(key: params['app_key'])
15
- api_not_found 'app_key.unknown' if @application.nil?
16
- api_forbidden 'app_key.forbidden' if premium && !@application.premium
13
+ check_presence 'client_id'
14
+ @application = application_model.find_by(client_id: params['client_id'])
15
+ api_not_found 'client_id.unknown' if @application.nil?
16
+ api_forbidden 'client_id.forbidden' if premium && !@application.premium
17
17
 
18
18
  @application
19
19
  end
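Review bot: The memoised early return `return @application unless @application.nil?` skips the premium gate, so a call with `premium: false` followed by `application(premium: true)` in the same request hands back a non-premium application without ever reaching `api_forbidden`. Running the premium check after the memoised lookup rather than behind it, e.g. `@application ||= application_model.find_by(client_id: params['client_id'])` followed by the existing `api_forbidden` line, keeps the gate on every call. Separately, `client_id` is a public identifier in OAuth 2.0, so this helper identifies the application but does not authenticate it. No `client_secret` comparison is visible in this hunk, and if none happens elsewhere the premium gate rests on a value that is not meant to be secret.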
@@ -6,22 +6,16 @@ module Core
6
6
  module Sluggable
7
7
  extend ActiveSupport::Concern
8
8
 
9
- # Module holding the class methods for the classes including this concern.
10
- # @author Vincent Courtois <courtois.vincent@outlook.com>
11
- module ClassMethods
12
- # Add the field and its validations in the model including it.
13
- # @param entity_type [String,Symbol] the name of the model including it, to be included in the error messages.
14
- def make_sluggable(entity_type)
15
- # @!attribute [rw] slug
16
- # @return [String] the slug of the current entity ; it must be snake-cased, longer than four characters, unique for the entity and given.
17
- field :slug, type: String
9
+ included do
10
+ # @!attribute [rw] slug
11
+ # @return [String] the slug of the current entity ; it must be snake-cased, longer than four characters, unique for the entity and given.
12
+ field :slug, type: String
18
13
 
19
- validates :slug,
20
- length: {minimum: 4, message: 'minlength', if: :slug?},
21
- format: {with: /\A[a-z]+(_[a-z]+)*\z/, message: 'pattern', if: :slug?},
22
- uniqueness: {message: 'uniq', if: :slug?},
23
- presence: {message: 'required'}
24
- end
14
+ validates :slug,
15
+ length: {minimum: 4, message: 'minlength', if: :slug?},
16
+ format: {with: /\A[a-z]+(_[a-z]+)*\z/, message: 'pattern', if: :slug?},
17
+ uniqueness: {message: 'uniq', if: :slug?},
18
+ presence: {message: 'required'}
25
19
  end
26
20
  end
27
21
  end
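Review bot: Removing `ClassMethods#make_sluggable` with no deprecation shim breaks any model outside this gem that still calls it, and the Category, Group and Right hunks further down drop their `make_sluggable` calls without showing an `include` of this concern being added. If those models do not include `Sluggable` somewhere outside the visible lines, the slug field and its format and uniqueness validations silently disappear from the permission records. A short comment above `included do`, such as `# Declares the slug field and its validations on every model including this concern.`, would also replace the documentation that left with `ClassMethods`.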
@@ -21,6 +21,12 @@ module Core
21
21
  # @return [Core::Models::OAuth::Authorization] the authorization code that issued this token to the application for this user.
22
22
  belongs_to :authorization, class_name: 'Core::Models::OAuth::Authorization', inverse_of: :tokens
23
23
 
24
+
25
+ # A refresh token is attached to each and every refresh token so that it can be used to deliver a new access token.
26
+ # @!attribute [rx] refresh_token
27
+ # @return [Core::Models::OAuth::RefreshToken] the refresh token linked to this token
28
+ has_one :refresh_token, class_name: 'Core::Models::OAuth::RefreshToken', inverse_of: :token
29
+
24
30
  validates :value,
25
31
  presence: {message: 'required'},
26
32
  uniqueness: {message: 'uniq'}
@@ -28,8 +34,25 @@ module Core
28
34
  # Checks if the current date is inferior to the creation date + expiration period
29
35
  # @return [Boolean] TRUE if the token is expired, FALSE otherwise.
30
36
  def expired?
37
+ # Handles the case where the token is given to a premium app (our apps have infinite tokens).
38
+ return false if premium?
39
+ return true if refresh_token.used?
40
+
31
41
  created_at.to_time.to_i + expiration < Time.now.to_i
32
42
  end
43
+
44
+ # Returns the scopes this access token can use to access the application
45
+ # @return [Array<Core::Models::OAuth::Scope>] the array of scopes from the linked authorization
46
+ def scopes
47
+ # Premium applications (our applications) have all the rights on the API.
48
+ return Core::Models::OAuth::Scope.all.to_a if premium?
49
+
50
+ authorization.scopes
51
+ end
52
+
53
+ def premium?
54
+ authorization.application.premium
55
+ end
33
56
  end
34
57
  end
35
58
  end
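Review bot: `expired?` calls `refresh_token.used?` without a nil guard, so an access token that has no linked refresh token (for example one created before this release) raises NoMethodError instead of answering; `return true if refresh_token&.used?` keeps the check safe. Because `return false if premium?` runs first and `scopes` returns every scope for premium applications, a leaked premium token stays fully valid even after its refresh token has been used, so a revocation path is worth confirming outside this diff. `premium?` has no doc comment; `# @return [Boolean] TRUE if the application that obtained this token is premium, FALSE otherwise.` would match the file's style. The comment on `has_one :refresh_token` says it is "attached to each and every refresh token" and tags the attribute `[rx]`, which presumably should read "access token" and `[rw]`.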
@@ -12,9 +12,12 @@ module Core
12
12
  # @!attribute [rw] name
13
13
  # @return [String] the unique name of the application, mainly used to identify and display it.
14
14
  field :name, type: String
15
- # @!attribute [rw] key
15
+ # @!attribute [rw] client_id
16
16
  # @return [String] the unique key for the application, identifying it when requesting a token for the API.
17
- field :key, type: String, default: ->{ SecureRandom.hex }
17
+ field :client_id, type: String, default: ->{ SecureRandom.hex }
18
+ # @!attribute [rw] client_secret
19
+ # @return [String] the "password" of the application, used to identify it when requesting tokens.
20
+ field :client_secret, type: String, default: ->{ SecureRandom.hex }
18
21
  # @!attribute [rw] premium
19
22
  # @return [Boolean] a value indicating whether the application should automatically receive a token when an account is created, or not.
20
23
  field :premium, type: Mongoid::Boolean, default: false
@@ -28,16 +31,22 @@ module Core
28
31
  # @!attribute [rw] authorizations
29
32
  # @return [Array<Core::Models::OAuth::Authorization>] the authorizations linked to the accounts this application can get the data from.
30
33
  has_many :authorizations, class_name: 'Core::Models::OAuth::Authorization', inverse_of: :application
34
+ # @!attribute [rw]
35
+ # @return [Array<Core::Models::OAuth::Scope>] the scopes this application will transmit to its token
36
+ has_and_belongs_to_many :scopes, class_name: 'Core::Models::OAuth::Scope', inverse_of: :applications
31
37
 
32
38
  validates :name,
33
39
  presence: {message: 'required'},
34
40
  length: {minimum: 6, message: 'minlength'},
35
41
  uniqueness: {message: 'uniq'}
36
42
 
37
- validates :key,
43
+ validates :client_id,
38
44
  presence: {message: 'required'},
39
45
  uniqueness: {message: 'uniq'}
40
46
 
47
+ validates :client_secret,
48
+ presence: {message: 'required'}
49
+
41
50
  validate :redirect_uris_values
42
51
 
43
52
  # Checks the URIs to get sure they are correct, a URI is correct if :
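Review bot: `client_secret` is stored as a plain `String` field and validated only for presence, so anyone with read access to the applications collection, or to a serialised Application document, obtains a working credential. Storing a digest of the secret and comparing digests in constant time where the secret is checked would limit that exposure; the raw value then only needs to be shown once at creation. The validation also accepts any caller-supplied value, so a rule such as `length: {minimum: 32, message: 'minlength'}` would keep hand-set secrets from being shorter than the `SecureRandom.hex` default. The comment above `has_and_belongs_to_many :scopes` has an empty `@!attribute [rw]` tag; `@!attribute [rw] scopes` matches the rest of the file.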
@@ -15,6 +15,9 @@ module Core
15
15
  # @!attribute [rw] code
16
16
  # @return [String] the value corresponding to the authentication code in the RFC of OAuth2.0, kep for historic purpose.
17
17
  field :code, type: String, default: ->{ SecureRandom.hex }
18
+ # @!attribute [rw] expiration
19
+ # @return [Integer] the time, in seconds, after which the authorization is declared expired.
20
+ field :expiration, type: Integer, default: 86400
18
21
 
19
22
  # @!attribute [rw] account
20
23
  # @return [Arkaaan::Account] the account granting the authorization to access its data to the application.
@@ -25,10 +28,19 @@ module Core
25
28
  # @!attribute [rw] token
26
29
  # @return [Core::Models::OAuth::AccessToken] the access token used further in the application process to access private data of the account.
27
30
  has_many :tokens, class_name: 'Core::Models::OAuth::AccessToken', inverse_of: :authorization
31
+ # @!attribute [rw]
32
+ # @return [Array<Core::Models::OAuth::Scope>] the scopes this access token has.
33
+ has_and_belongs_to_many :scopes, class_name: 'Core::Models::OAuth::Scope', inverse_of: :authorizations
28
34
 
29
35
  validates :code,
30
36
  presence: {message: 'required'},
31
37
  uniqueness: {message: 'uniq'}
38
+
39
+ # Checks if the current date is inferior to the creation date + expiration period
40
+ # @return [Boolean] TRUE if the authorization is expired, FALSE otherwise.
41
+ def expired?
42
+ created_at.to_time.to_i + expiration < Time.now.to_i
43
+ end
32
44
  end
33
45
  end
34
46
  end
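Review bot: The new `expiration` default of 86400 seconds gives the authorization a 24-hour window, whereas RFC 6749 section 4.1.2 recommends a maximum lifetime of 10 minutes for an authorization code. If `expired?` is what gets consulted before `code` is exchanged for a token, a shorter default such as `field :expiration, type: Integer, default: 600` would be closer to that recommendation; if the record is meant as a long-lived grant, the comment on the field should say so. Nothing visible in these hunks marks the code as consumed after its first exchange, and `expired?` raises on a record whose `created_at` or `expiration` is nil. The comment above `has_and_belongs_to_many :scopes` has an empty `@!attribute [rw]` tag and describes "this access token" although the model is the authorization.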
@@ -12,10 +12,17 @@ module Core
12
12
  # @!attribute [rw] value
13
13
  # @return [String] the value of the token, returned to the application when built.
14
14
  field :value, type: String, default: ->{ SecureRandom.hex }
15
+ # @!attribute [rw] used_at
16
+ # @return [DateTime] the date and time at which this refresh token has been useds to create a new access token.
17
+ field :used_at, type: DateTime, default: nil
15
18
 
16
19
  # @!attribute [rw] authorization
17
20
  # @return [Core::Models::OAuth::Authorization] the authorization code that issued this token to the application for this user.
18
- belongs_to :authorization, class_name: 'Core::Models::OAuth::Authorization', inverse_of: :refresh_token
21
+ belongs_to :token, class_name: 'Core::Models::OAuth::AccessToken', inverse_of: :refresh_token
22
+
23
+ def used?
24
+ !used_at.nil? && used_at < DateTime.now
25
+ end
19
26
  end
20
27
  end
21
28
  end
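Review bot: `used?` compares `used_at < DateTime.now`, so a refresh token whose `used_at` equals the current instant or sits slightly ahead of this host's clock still reports unused and could be exchanged a second time; `!used_at.nil?` expresses "has been consumed" without depending on the clock. The association now reads `belongs_to :token`, but the doc comment above it still says `@!attribute [rw] authorization` and returns `Core::Models::OAuth::Authorization`, so it should be rewritten to describe the access token. `used?` has no doc comment; `# @return [Boolean] TRUE if this refresh token has already been exchanged, FALSE otherwise.` would fit the file's style.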
@@ -0,0 +1,32 @@
1
+ module Core
2
+ module Models
3
+ module OAuth
4
+ # A scope gives access to some parts of the API, for example to the management of campaigns,
5
+ # applications or for account profile management.
6
+ # @author Vincent Courtois <courtois.vincent@outlook.com>
7
+ class Scope
8
+ include Mongoid::Document
9
+ include Mongoid::Timestamps
10
+
11
+ store_in collection: 'scopes'
12
+
13
+ # @!attribute [rw] name
14
+ # @return [String] the name of the scope, used to get its translation on the frontend.
15
+ field :name, type: String, default: ''
16
+
17
+ # @!attribute [rw] applications
18
+ # @return [Array<Core::Models::OAuth::Application>] the applications that want to have access to this
19
+ # scope from the users of the platform. These rights will be carried on to the tokens and frozen.
20
+ has_and_belongs_to_many :applications, class_name: 'Core::Models::OAuth::Application', inverse_of: :scopes
21
+ # @!attribute [rw] tokeauthorizationsns
22
+ # @return [Array<Core::Models::OAuth::Authorization] the tokens having these scopes.
23
+ has_and_belongs_to_many :authorizations, class_name: 'Core::Models::OAuth::Authorization', inverse_of: :scopes
24
+
25
+ validates :name,
26
+ presence: {message: 'required'},
27
+ length: {minimum: 6, if: :name?, message: 'minlength'},
28
+ uniqueness: {id: :name?, message: 'uniq'}
29
+ end
30
+ end
31
+ end
32
+ end
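Review bot: In `uniqueness: {id: :name?, message: 'uniq'}` the key `id:` looks like a typo for `if:`, so the condition used on the `length` rule is probably not applied to the uniqueness rule; `uniqueness: {if: :name?, message: 'uniq'}` is the likely intent. Since scope names decide what a token may access, a unique index on `name` would also protect against two concurrent inserts that both pass the validation. The doc comments need a pass as well: `@!attribute [rw] tokeauthorizationsns` should read `authorizations`, and `Array<Core::Models::OAuth::Authorization]` is missing its closing `>`.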
@@ -7,6 +7,7 @@ module Core
7
7
  autoload :Authorization, 'core/models/oauth/authorization'
8
8
  autoload :AccessToken , 'core/models/oauth/access_token'
9
9
  autoload :RefreshToken , 'core/models/oauth/refresh_token'
10
+ autoload :Scope , 'core/models/oauth/scope'
10
11
  end
11
12
  end
12
13
  end
@@ -11,8 +11,6 @@ module Core
11
11
  store_in collection: 'categories'
12
12
 
13
13
  has_many :rights, class_name: 'Core::Models::Permissions::Right', inverse_of: :category
14
-
15
- make_sluggable 'category'
16
14
  end
17
15
  end
18
16
  end
@@ -26,8 +26,6 @@ module Core
26
26
  # @!attribute [rw] routes
27
27
  # @return [Array<Core::Models::Monitoring::Route>] the routes this group can access in the API.
28
28
  has_and_belongs_to_many :routes, class_name: 'Core::Models::Permissions::Route', inverse_of: :groups
29
-
30
- make_sluggable 'group'
31
29
  end
32
30
  end
33
31
  end
@@ -15,8 +15,6 @@ module Core
15
15
  has_and_belongs_to_many :groups, class_name: 'Core::Models::Permissions::Group', inverse_of: :rights
16
16
 
17
17
  belongs_to :category, class_name: 'Core::Models::Permissions::Category', inverse_of: :rights
18
-
19
- make_sluggable 'right'
20
18
  end
21
19
  end
22
20
  end
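--- a/data/lib/core/models.rb
+++ b/data/lib/core/models.rb
@@ -1,24 +1,22 @@
- require 'mongoid'
- require 'active_model'
- require 'active_support'
- require 'dotenv/load'
+ # frozen_string_literal: true
 
- # Main module of the application, holding all the subsequent classes.
- # @author Vincent Courtois <courtois.vincent@outlook.com>
  module Core
+ # Module holding the representations of the business objects we're manipulating
+ # in the database. Models are declared as Mongoid classes to connect to MongoDB
+ # @author Vincent Courtois <courtois.vincent@outlook.com>
  module Models
- autoload :Account , 'core/models/account'
+ autoload :Account, 'core/models/account'
  autoload :Authentication, 'core/models/authentication'
- autoload :Campaign , 'core/models/campaign'
- autoload :Campaigns , 'core/models/campaigns'
- autoload :Chatroom , 'core/models/chatroom'
- autoload :Chatrooms , 'core/models/chatrooms'
- autoload :Concerns , 'core/models/concerns'
- autoload :Event , 'core/models/event'
- autoload :Files , 'core/models/files'
- autoload :Notification , 'core/models/notification'
- autoload :OAuth , 'core/models/oauth'
- autoload :Permissions , 'core/models/permissions'
- autoload :Ruleset , 'core/models/ruleset'
+ autoload :Campaign, 'core/models/campaign'
+ autoload :Campaigns, 'core/models/campaigns'
+ autoload :Chatroom, 'core/models/chatroom'
+ autoload :Chatrooms, 'core/models/chatrooms'
+ autoload :Concerns, 'core/models/concerns'
+ autoload :Event, 'core/models/event'
+ autoload :Files, 'core/models/files'
+ autoload :Notification, 'core/models/notification'
+ autoload :OAuth, 'core/models/oauth'
+ autoload :Permissions, 'core/models/permissions'
+ autoload :Ruleset, 'core/models/ruleset'
  end
- end
+ end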
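--- a/data/lib/core/services.rb
+++ b/data/lib/core/services.rb
@@ -1,8 +1,12 @@
+ # frozen_string_literal: true
+
  module Core
+ # Services are orchestrating models to provide more high-level operations.
+ # @author Vincent Courtois <courtois.vincent@outlook.com>
  module Services
  autoload :Accounts, 'core/services/accounts'
  autoload :Base, 'core/services/base'
  autoload :Registry, 'core/services/registry'
  autoload :Sessions, 'core/services/sessions'
  end
- end
+ end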
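--- a/data/lib/core/version.rb
+++ b/data/lib/core/version.rb
@@ -1,3 +1,5 @@
+ # frozen_string_literal: true
+
  module Core
- VERSION = '1.2.2'
- end
+ VERSION = '1.3.0'
+ end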
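--- a/data/lib/core.rb
+++ b/data/lib/core.rb
@@ -1,7 +1,6 @@
- require 'mongoid'
- require 'active_model'
- require 'active_support'
- require 'dotenv/load'
+ # frozen_string_literal: true
+
+ %w[active_model mongoid active_support].each { |g| require g }
 
  # Main module of the application, holding all the subsequent classes.
  # @author Vincent Courtois <courtois.vincent@outlook.com>
@@ -10,4 +9,4 @@ module Core
  autoload :Helpers, 'core/helpers'
  autoload :Models, 'core/models'
  autoload :Services, 'core/services'
- end
+ end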
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: virtuatable-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.2
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Vincent Courtois
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-04-12 00:00:00.000000000 Z
11
+ date: 2022-04-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: database_cleaner
@@ -332,6 +332,7 @@ files:
332
332
  - lib/core/models/oauth/application.rb
333
333
  - lib/core/models/oauth/authorization.rb
334
334
  - lib/core/models/oauth/refresh_token.rb
335
+ - lib/core/models/oauth/scope.rb
335
336
  - lib/core/models/permissions.rb
336
337
  - lib/core/models/permissions/category.rb
337
338
  - lib/core/models/permissions/group.rb