virtuatable-core 1.3.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 13712af3f0db1598191b3a51bb599c93f512da5e074ef504288dc498f45602a4
-  data.tar.gz: c886c91f0698d97ebcfe6c0538ed35023e2472b03db28d625745794ac4a18c05
+  metadata.gz: d95c03cd13525c1a5326004d88c62a806c0e991ef8dd0766f0f2465078f2b23e
+  data.tar.gz: d217b7fd979676aa8b61cd58fb8ad54a3abd352fe105713700c12edc39abfdd6
 SHA512:
-  metadata.gz: eec95c84abcc9093600b0d3d73279924e6d77095e246fad33a513868aaac08798dd2c4dc850406d47a93810deed2bc6750d0fd0f8349cbffaf72815223ab3280
-  data.tar.gz: c798211dda3d35be799be2ef21589a67e86dc1d646f6168e6f39d8ed4bc458b1a6418cecf04f15311e681cd41efd48d7fb5497f0e85baf11287196f2ba6a77c1
+  metadata.gz: 4c180ac1d407073cc75d81a8d08f9394ef6d025cb899c4971a94ee6daa213ca5bcf4d240bd491b2374c60c7e2abfab80729226af37b0b7bdc60c0d7c3b2af326
+  data.tar.gz: d2c695ecb5ad843dc18789f84e6028bde42fb74949351f9f3308018d2c57cd29ef87a9ecc1d2cc8b4cf29a87c6ac73eab12b29177c32c6f0ba915798bc24bbd3

data/lib/core/controllers/base.rb

@@ -13,8 +13,9 @@ module Core
       # Includes the custom errors throwers and responses helpers.
       include Core::Helpers::Errors
       include Core::Helpers::Responses
-      # Includes the checking methods for sessions.
-      include Core::Helpers::Sessions
+      # Includes the checking methods for access tokens.
+      include Core::Helpers::Tokens
+      include Core::Helpers::Scopes
       # Include the checkers and getters for OAuth apps
       include Core::Helpers::Applications
       # Include checkers for field requirement and check

data/lib/core/decorators/campaign.rb

@@ -0,0 +1,20 @@
+module Core
+  module Decorators
+    class Campaign < Draper::Decorator
+      delegate_all
+
+      def to_simple_h
+        {
+          id: id.to_s,
+          title: title,
+          description: description,
+          tags: tags,
+          players: {
+            current: invitations.where(status: :accepted).count,
+            max: max_players
+          }
+        }
+      end
+    end
+  end
+end

data/lib/core/decorators.rb

@@ -0,0 +1,5 @@
+module Core
+  module Decorators
+    autoload :Campaign, 'core/decorators/campaign'
+  end
+end

data/lib/core/helpers/accounts.rb

@@ -10,8 +10,8 @@ module Core
       def account
         return @account unless @account.nil?
 
-        session_id_required if !respond_to?(:session) || session.nil?
-        @account = session.account
+        @account = token.authorization.account
+        @account
       end
 
       def account_id_not_found

data/lib/core/helpers/declarators.rb

@@ -6,9 +6,6 @@ module Core
     # to declare routes whithin a service, performing needed checks and filters.
     # @author Vincent Courtois <courtois.vincent@outlook.com>
     module Declarators
-      # @!attribute [r] routes
-      #   @return [Array<Core::Models::Permissions::Route>] the currently declared routes.
-      attr_reader :api_routes
 
       # Main method to declare new routes, persisting them in the database and
       # declaring it in the Sinatra application with the needed before checks.
@@ -16,68 +13,15 @@ module Core
       # @param verb [String] the HTTP method for the route.
       # @param path [String] the whole URI with parameters for the route.
       # @param options [Hash] the additional options for the route.
-      def api_route(verb, path, options: {}, &block)
-        options = default_options.merge(options)
-        route = add_route(verb: verb, path: path, options: options)
-
-        # TODO : do everything in the #send itself to avoid
-        # route reload issues when premium is changed. It will
-        # add some treatments but avoid many problems if route.premium
-        send(route.verb, route.path) do
-          application(premium: current_route.premium)
-          session if current_route.authenticated
+      def api_route(verb, path, premium: false, scopes: [], &block)
+        send(verb, path) do
+          scope_objects = fetch_scopes(scopes + ['data::usage'])
+          appli = application(premium: premium)
+          check_app_scopes(appli, scope_objects)
+          check_token_scopes(token, scope_objects)
           instance_eval(&block)
         end
       end
-
-      # Add a route to the database, then to the routes array.
-      # @param verb [String] the HTTP method used to request this route.
-      # @param path [String] the path used to request this route.
-      # @return [Core::Models::Permissions::Route] the created route.
-      def add_route(verb:, path:, options:)
-        route = Core::Models::Permissions::Route.find_or_create_by!(
-          path: path,
-          verb: verb.downcase,
-          premium: options[:premium],
-          authenticated: options[:authenticated]
-        )
-        api_routes.nil? ? @api_routes = [route] : push_route(route)
-        add_permissions(route)
-        route
-      end
-
-      # Pushes the route in the api routes list, by creating it if needed
-      # @param route [Core::Models::Permissions::Route] the route to push in the list of routes.
-      def push_route(route)
-        @api_routes << route if api_routes.none? do |tmp_route|
-          route.id == tmp_route.id
-        end
-      end
-
-      # Add the default access permissions to a route. Any group tagged superuser
-      # can automatically access any newly declared_route.
-      # params route [Core::Models::Permissions::Route] the route to add the permissions to.
-      def add_permissions(route)
-        groups = Core::Models::Permissions::Group.where(is_superuser: true)
-        groups.each do |group|
-          unless route.groups.where(id: group.id).exists?
-            route.groups << group
-            route.save!
-          end
-        end
-      end
-
-      # The default options for a route, being the most used value for each key.
-      # @return [Hash] the default options as a hash.
-      def default_options
-        {
-          # If TRUE the application MUST be premium to access the route.
-          # Mainly used to protect administration routes against illegal accesses.
-          premium: false,
-          # If TRUE the user MUST be authenticated to access the route.
-          authenticated: true
-        }
-      end
     end
   end
 end

data/lib/core/helpers/scopes.rb

@@ -0,0 +1,22 @@
+module Core
+  module Helpers
+    module Scopes
+
+      def fetch_scopes(names)
+        (names.map { |n| Core::Models::OAuth::Scope.find_by(name: n) }).select { |s| !s.nil? }
+      end
+
+      def check_token_scopes(token, scopes)
+        scopes.each do |scope|
+          api_forbidden 'scope.forbidden' if !token.scopes.include? scope
+        end
+      end
+
+      def check_app_scopes(application, scopes)
+        scopes.each do |scope|
+          api_forbidden 'scope.forbidden' if !application.scopes.include? scope
+        end
+      end
+    end
+  end
+end

data/lib/core/helpers/tokens.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Core
+  module Helpers
+    # This helper aims at providing vanity methods concerning OAuth tokens.
+    # @author Vincent Courtois <courtois.vincent@outlook.com>
+    module Tokens
+      # Returns the database object representing the current OAuth token, or
+      # raises an error if the token seems to be invalid for any reason.
+      # @return [Core::Models::Oauth::AccessToken] the token if everything went well.
+      # @raise [Core::Helpers::Errors::BadRequest] if the token is not given.
+      # @raise [Core::Helpers::Errors::NotFound] if the token is not found in the
+      #   database searching for the value passed as parameter.
+      # @raise [Core::Helpers::Errors::Forbidden] if the token belongs to another
+      #   application.
+      def token
+        return @token unless @token.nil?
+
+        check_presence 'token'
+        @token = Core::Models::OAuth::AccessToken.find_by(value: params['token'])
+        api_not_found 'token.unknown' if @token.nil?
+        token_app_id = token.authorization.application.id.to_s
+        api_forbidden 'token.mismatch' if token_app_id != application.id.to_s
+        @token
+      end
+    end
+  end
+end

data/lib/core/helpers.rb

@@ -13,6 +13,7 @@ module Core
     autoload :Parameters, 'core/helpers/parameters'
     autoload :Responses, 'core/helpers/responses'
     autoload :Routes, 'core/helpers/routes'
-    autoload :Sessions, 'core/helpers/sessions'
+    autoload :Scopes, 'core/helpers/scopes'
+    autoload :Tokens, 'core/helpers/tokens'
   end
 end

data/lib/core/models/account.rb

@@ -37,10 +37,6 @@ module Core
       # @!attribute [w] password_confirmation
       #   @return [String] the confirmation of the password, do not get, just set it ; it must be the same as the password.
       has_secure_password validations: false
-
-      # @!attribute [rw] groups
-      #   @return [Array<Core::Models::Permissions::Group>] the groups giving their corresponding rights to the current account.
-      has_and_belongs_to_many :groups, class_name: 'Core::Models::Permissions::Group', inverse_of: :accounts
       
       # @!attribute [rw] applications
       #   @return [Array<Core::Models::OAuth::Application] the applications this user has created and owns.

data/lib/core/models/oauth/access_token.rb

@@ -8,7 +8,7 @@ module Core
         include Mongoid::Document
         include Mongoid::Timestamps
 
-        store_in collection: 'oauth_access_token'
+        store_in collection: 'oauth_access_tokens'
 
         # @!attribute [rw] value
         #   @return [String] the value of the token, returned to the application when built.

data/lib/core/models/oauth/application.rb

@@ -7,7 +7,7 @@ module Core
         include Mongoid::Document
         include Mongoid::Timestamps
 
-        store_in collection: 'oauth_application'
+        store_in collection: 'oauth_applications'
 
         # @!attribute [rw] name
         #   @return [String] the unique name of the application, mainly used to identify and display it.

data/lib/core/models/oauth/authorization.rb

@@ -10,7 +10,7 @@ module Core
         include Mongoid::Document
         include Mongoid::Timestamps
 
-        store_in collection: 'oauth_authorization'
+        store_in collection: 'oauth_authorizations'
 
         # @!attribute [rw] code
         #   @return [String] the value corresponding to the authentication code in the RFC of OAuth2.0, kep for historic purpose.

data/lib/core/models/oauth/refresh_token.rb

@@ -7,7 +7,7 @@ module Core
         include Mongoid::Document
         include Mongoid::Timestamps
 
-        store_in collection: 'oauth_refresh_token'
+        store_in collection: 'oauth_refresh_tokens'
 
         # @!attribute [rw] value
         #   @return [String] the value of the token, returned to the application when built.

data/lib/core/models/oauth/scope.rb

@@ -8,7 +8,7 @@ module Core
         include Mongoid::Document
         include Mongoid::Timestamps
 
-        store_in collection: 'scopes'
+        store_in collection: 'oauth_scopes'
 
         # @!attribute [rw] name
         #   @return [String] the name of the scope, used to get its translation on the frontend.

data/lib/core/models.rb

@@ -16,7 +16,6 @@ module Core
     autoload :Files, 'core/models/files'
     autoload :Notification, 'core/models/notification'
     autoload :OAuth, 'core/models/oauth'
-    autoload :Permissions, 'core/models/permissions'
     autoload :Ruleset, 'core/models/ruleset'
   end
 end

data/lib/core/services/accounts.rb

@@ -1,6 +1,8 @@
 module Core
   module Services
-    class Accounts < Core::Services::Base
+    class Accounts
+      include Singleton
+      
       def get_by_username(username)
         account = Core::Models::Account.find_by(username: username)
         if account.nil?

data/lib/core/services/campaigns.rb

@@ -0,0 +1,26 @@
+module Core
+  module Services
+    class Campaigns
+      include Singleton
+
+      # Lists all the campaigns of a user identified by its account.
+      #
+      # @param account [Core::Models::Account] the user requesting its campaigns.
+      # @param page [Integer] the page in the list of campaigns to return to the users.
+      # @param per_page [Integer] the number of campaigns per page.
+      #
+      # @return [Array<Hash>] an array of hash representing campaigns.
+      def list(account, page: 0, per_page: 20, **ignored)
+        campaigns = campaigns(account).skip(page * per_page).limit(per_page)
+        campaigns.map do |campaign|
+          Core::Decorators::Campaign.new(campaign).to_simple_h
+        end
+      end
+
+      def campaigns(account)
+        invitations = account.invitations.where(enum_status: 'creator')
+        Core::Models::Campaign.where(:id.in => invitations.map(&:campaign_id))
+      end
+    end
+  end
+end

data/lib/core/services/registry.rb

@@ -3,12 +3,14 @@ module Core
     # The registry holds references to all the services accessible in the library. To access
     # all services and be able to manage resources easily, just instanciate the 
     class Registry
+      include Singleton
 
-      attr_reader :accounts, :sessions
+      attr_reader :accounts, :sessions, :campaigns
 
       def initialize
-        @accounts = Core::Services::Accounts.new(self)
-        @sessions = Core::Services::Sessions.new(self)
+        @accounts = Core::Services::Accounts.instance
+        @sessions = Core::Services::Sessions.instance
+        @campaigns = Core::Services::Campaigns.instance
       end
     end
   end

data/lib/core/services/sessions.rb

@@ -5,7 +5,8 @@ module Core
   module Services
     # Service concerning sessions (log in and log out)
     # @author Vincent Courtois <courtois.vincent@outlook.com>
-    class Sessions < Core::Services::Base
+    class Sessions
+      include Singleton
       # Creates a new session from the given user credentials. IT will
       # * check that the user exists in the database
       # * check that the password matches the user encrypted password
@@ -16,7 +17,7 @@ module Core
       # @param password [string] the password the user has provided
       # @return [Core::Models::Authentication::Session] the login session
       def create(username, password)
-        account = services.accounts.get_by_username(username)
+        account = Core.svc.accounts.get_by_username(username)
         if BCrypt::Password.new(account.password_digest) != password
           raise Core::Helpers::Errors::Forbidden.new(
             field: 'password',

data/lib/core/services.rb

@@ -5,8 +5,8 @@ module Core
   # @author Vincent Courtois <courtois.vincent@outlook.com>
   module Services
     autoload :Accounts, 'core/services/accounts'
-    autoload :Base, 'core/services/base'
     autoload :Registry, 'core/services/registry'
     autoload :Sessions, 'core/services/sessions'
+    autoload :Campaigns, 'core/services/campaigns'
   end
 end

data/lib/core/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Core
-  VERSION = '1.3.0'
+  VERSION = '1.5.0'
 end

data/lib/core.rb

@@ -1,12 +1,18 @@
 # frozen_string_literal: true
 
-%w[active_model mongoid active_support].each { |g| require g }
+%w[active_model mongoid active_support draper].each { |g| require g }
 
 # Main module of the application, holding all the subsequent classes.
 # @author Vincent Courtois <courtois.vincent@outlook.com>
 module Core
   autoload :Controllers, 'core/controllers'
+  autoload :Decorators, 'core/decorators'
   autoload :Helpers, 'core/helpers'
   autoload :Models, 'core/models'
   autoload :Services, 'core/services'
+
+  # Returns the registry of services for easier access to each of them.
+  def self.svc
+    Core::Services::Registry.instance
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: virtuatable-core
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.5.0
 platform: ruby
 authors:
 - Vincent Courtois
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-04-24 00:00:00.000000000 Z
+date: 2022-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: database_cleaner
@@ -276,6 +276,20 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.1.0
+- !ruby/object:Gem::Dependency
+  name: draper
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: This gem holds the model layer for my table-top RPG games application.
 email: courtois.vincent@outlook.com
 executables: []
@@ -285,6 +299,8 @@ files:
 - lib/core.rb
 - lib/core/controllers.rb
 - lib/core/controllers/base.rb
+- lib/core/decorators.rb
+- lib/core/decorators/campaign.rb
 - lib/core/helpers.rb
 - lib/core/helpers/accounts.rb
 - lib/core/helpers/applications.rb
@@ -298,7 +314,8 @@ files:
 - lib/core/helpers/parameters.rb
 - lib/core/helpers/responses.rb
 - lib/core/helpers/routes.rb
-- lib/core/helpers/sessions.rb
+- lib/core/helpers/scopes.rb
+- lib/core/helpers/tokens.rb
 - lib/core/models.rb
 - lib/core/models/account.rb
 - lib/core/models/authentication.rb
@@ -333,15 +350,10 @@ files:
 - lib/core/models/oauth/authorization.rb
 - lib/core/models/oauth/refresh_token.rb
 - lib/core/models/oauth/scope.rb
-- lib/core/models/permissions.rb
-- lib/core/models/permissions/category.rb
-- lib/core/models/permissions/group.rb
-- lib/core/models/permissions/right.rb
-- lib/core/models/permissions/route.rb
 - lib/core/models/ruleset.rb
 - lib/core/services.rb
 - lib/core/services/accounts.rb
-- lib/core/services/base.rb
+- lib/core/services/campaigns.rb
 - lib/core/services/registry.rb
 - lib/core/services/sessions.rb
 - lib/core/version.rb

data/lib/core/helpers/sessions.rb

@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-module Core
-  module Helpers
-    # This helper gives access to methods about user's session on the API.
-    # @author Vincent Courtois <courtois.vincent@outlook.com>
-    module Sessions
-      # Checks the session of the user requesting the API and returns an error
-      # if it either not exists with the given token, or the token is not given.
-      #
-      # @raise [Virtuatable::API::Errors::NotFound] if the session is not found
-      #   or the token not given in the parameters of the request.
-      # @raise [Virtuatable::API::Errors::BadRequest] if the session token is
-      #   not correctly given in the parameters.
-      #
-      # @return [Core::Models::Authentication::Session] the current session of the user.
-      def session
-        return @session unless @session.nil?
-
-        check_presence 'session_id'
-        @session = session_model.find_by(token: params['session_id'])
-        @session.nil? ? api_not_found('session_id.unknown') : @session
-      end 
-
-      def session_model
-        Core::Models::Authentication::Session
-      end
-    end
-  end
-end

data/lib/core/models/permissions/category.rb

@@ -1,17 +0,0 @@
-module Core
-  module Models
-    module Permissions
-      # A category of rights regroups one or several rights for convenience purposes.
-      # @author Vincent Courtois <courtois.vincent@outlook.com>
-      class Category
-        include Mongoid::Document
-        include Mongoid::Timestamps
-        include Core::Models::Concerns::Sluggable
-
-        store_in collection: 'categories'
-
-        has_many :rights, class_name: 'Core::Models::Permissions::Right', inverse_of: :category
-      end
-    end
-  end
-end

data/lib/core/models/permissions/group.rb

@@ -1,32 +0,0 @@
-module Core
-  module Models
-    module Permissions
-      # A group gathers one or several users to give them the same rights for conviniency purposes.
-      # @author Vincent Courtois <courtois.vincent@outlook.com>
-      class Group
-        include Mongoid::Document
-        include Mongoid::Timestamps
-        include Core::Models::Concerns::Sluggable
-
-        store_in collection: 'groups'
-
-        # @!attribute [rw] is_default
-        #   @return [Boolean] a boolean indicating whether this group is given when a new user registered or not.
-        field :is_default, type: Mongoid::Boolean, default: false
-        # @!attribute [rw] is_superuser
-        #   @return [Boolean] a boolean indicating whether this group should have access to all groups and rights or not.
-        field :is_superuser, type: Mongoid::Boolean, default: false
-
-        # @!attribute [rw] accounts
-        #   @return [Array<Core::Models::Account>] the accounts having the rights granted by this group.
-        has_and_belongs_to_many :accounts, class_name: 'Core::Models::Account', inverse_of: :groups
-        # @!attribute [rw] rights
-        #   @return [Array<Core::Models::Permissions::Right>] the rights granted by belonging to this group.
-        has_and_belongs_to_many :rights, class_name: 'Core::Models::Permissions::Right', inverse_of: :groups
-        # @!attribute [rw] routes
-        #   @return [Array<Core::Models::Monitoring::Route>] the routes this group can access in the API.
-        has_and_belongs_to_many :routes, class_name: 'Core::Models::Permissions::Route', inverse_of: :groups
-      end
-    end
-  end
-end

data/lib/core/models/permissions/right.rb

@@ -1,21 +0,0 @@
-module Core
-  module Models
-    module Permissions
-      # A right is the access to one or several features in the application. It's applied to a group, and transitively to an account.
-      # @author Vincent Courtois <courtois;vincent@outlook.com>
-      class Right
-        include Mongoid::Document
-        include Mongoid::Timestamps
-        include Core::Models::Concerns::Sluggable
-
-        store_in collection: 'rights'
-
-        # @!attribute [rw] groups
-        #   @return [Array<Core::Models::Permissions::Group>] the groups granted with the permission to access features opened by this right.
-        has_and_belongs_to_many :groups, class_name: 'Core::Models::Permissions::Group', inverse_of: :rights
-
-        belongs_to :category, class_name: 'Core::Models::Permissions::Category', inverse_of: :rights
-      end
-    end
-  end
-end

data/lib/core/models/permissions/route.rb

@@ -1,35 +0,0 @@
-module Core
-  module Models
-    module Permissions
-      # A route is an endpoint accessible in the API. Each route has to have an associated endpoint in the deployed instances.
-      # @param Vincent Courtois <courtois.vincent@outlook.com>
-      class Route
-        include Mongoid::Document
-        include Mongoid::Timestamps
-        include Core::Models::Concerns::Premiumable
-        include Core::Models::Concerns::Activable
-
-        store_in collection: 'routes'
-
-        # @!attribute [rw] path
-        #   @return [String] the path (URI) of the route in the API.
-        field :path, type: String, default: '/'
-        # @!attribute [rw] verb
-        #   @return [String] the verb (HTTP method) of this route in the API.
-        field :verb, type: String, default: 'get'
-        # @!attribute [rw] authenticated
-        #   @return [Boolean] if true, the session_id is needed for this route, if false it is not.
-        field :authenticated, type: Mongoid::Boolean, default: true
-        # @!attribute [rw] groups
-        #   @return [Array<Core::Models::Permissions::Group>] the groups having permission to access this route.
-        has_and_belongs_to_many :groups, class_name: 'Core::Models::Permissions::Group', inverse_of: :groups
-
-        validates :path,
-          format: {with: /\A(\/|((\/:?[a-zA-Z0-9_]+)+))\z/, message: 'pattern', if: :path?}
-
-        validates :verb,
-          inclusion: {message: 'unknown', in: ['get', 'post', 'put', 'delete', 'patch', 'option']}
-      end
-    end
-  end
-end

data/lib/core/models/permissions.rb

@@ -1,13 +0,0 @@
-module Core
-  module Models
-    # This module holds the logic for all the classes concerning the permissions abd rights for the user.
-    # A permission is restricting the access to one or several features to the users having it.
-    # @author Vincent Courtois <courtois.vincent@outlook.com>
-    module Permissions
-      autoload :Right   , 'core/models/permissions/right'
-      autoload :Group   , 'core/models/permissions/group'
-      autoload :Category, 'core/models/permissions/category'
-      autoload :Route   , 'core/models/permissions/route'
-    end
-  end
-end

data/lib/core/services/base.rb

@@ -1,11 +0,0 @@
-module Core
-  module Services
-    class Base
-      attr_reader :services
-
-      def initialize(registry)
-        @services = registry
-      end
-    end
-  end
-end