we_bridge_rails_engine_users 0.1.0

data/db/migrate/20150712132226_add_users.rb

@@ -0,0 +1,41 @@
+class AddUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+      t.integer :person_id, null: true
+      t.string :email
+      t.string :user_img_url
+      t.integer :lang_id, null: false
+      t.datetime :deleted_at
+      t.timestamps
+    end
+
+    create_table :user_texts do |t|
+      t.integer :parent_id, null: false
+      t.integer :lang_id, null: false
+      t.string :nick_name, null: true
+      t.string :nick_name_pron, null: true
+      t.datetime :deleted_at
+      t.timestamps
+    end
+    add_index :user_texts, [:lang_id,:parent_id], unique: true
+
+    create_table :user_accounts do |t|
+      t.integer  :user_id, null: false
+      t.string   :provider,null: false
+      t.string   :uid,     null: false
+      t.string   :token
+      t.string   :name
+      t.string   :nickname
+      t.string   :email
+      t.string   :url
+      t.string   :image_url
+      t.string   :description
+      t.text     :other
+      t.text     :credentials
+      t.text     :raw_info
+      t.datetime :deleted_at
+      t.timestamps
+    end
+    add_index :user_accounts, [:uid], unique: true
+  end
+end

data/lib/tasks/we_bridge_rails_engine_langs_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :we_bridge_rails_engine_users do
+#   # Task goes here
+# end

data/lib/we_bridge_rails_engine_users.rb

@@ -0,0 +1,16 @@
+require "we_bridge_rails_engine_users/engine"
+require "we_bridge_rails_engine_users/application_controller"
+require "we_bridge_rails_engine_users/provider_settings"
+require 'we_bridge/html_builder'
+require "we_bridge/exceptions"
+require 'omniauth'
+
+module WeBridgeRailsEngineUsers
+end
+
+WeBridge::HtmlBuilder.register_template_handler
+
+OmniAuth.config.before_request_phase = proc{|env|
+  req = Rack::Request.new(env)
+  req.session[:redirect_to] = req.params["redirect_to"] || req.referrer
+}

data/lib/we_bridge_rails_engine_users/application_controller.rb

@@ -0,0 +1,41 @@
+module WeBridgeRailsEngineUsers
+  module ApplicationController
+    def self.included(application_controller)
+      application_controller.helper_method :current_user, :logged_in?
+    end
+
+    def login_required
+      if !current_user
+        raise WeBridge::Exceptions::UnauthorizedError
+      end
+    end
+
+    def logged_in?
+      !!current_user
+    end
+
+    def set_user_id(user_id)
+      session[:user_id] = user_id
+      current_user
+    end
+
+    def check_current_user(user,message=nil)
+      if !(current_user && user == current_user)
+        raise WeBridge::Exceptions::ForbiddenError
+      end
+    end
+
+    def set_user!(id=nil)
+      @user = User.find(id || params[:user_id] || params[:id])
+    end
+
+    def current_user
+      uid = session[:user_id]
+      if @current_user && uid.to_i != @current_user.id
+        @current_user = nil
+      end
+      @current_user ||= User.find_by(id: uid) if uid
+      @current_user
+    end
+  end
+end

data/lib/we_bridge_rails_engine_users/engine.rb

@@ -0,0 +1,13 @@
+module WeBridgeRailsEngineUsers
+  class Engine < ::Rails::Engine
+    config.generators do |g|
+      g.test_framework      :rspec, fixture: false, view_specs: true, helper_specs: true, controller_specs: true, request_specs: true, route_specs: true, model_specs: true
+      g.fixture_replacement :factory_girl, :dir => 'spec/factories'
+      g.template_engine :builder
+      g.assets true
+      g.helper true
+      g.stylesheets true
+      g.javascripts true
+    end
+  end
+end

data/lib/we_bridge_rails_engine_users/provider_settings.rb

@@ -0,0 +1,76 @@
+require 'yaml'
+module WeBridgeRailsEngineUsers
+  class ProviderSettings < Hash
+
+    @@instance = nil
+    @@file_loaded = false
+
+    def self.instance
+      @@instance ||= self.new
+    end
+
+    def self.file_loaded?
+      !!@@file_loaded
+    end
+
+    def self.reload!
+      @@instance = nil
+      @@file_loaded = false
+      self.instance.merge!(YAML.load_file(self.file_path)[Rails.env].symbolize_keys!.to_hash)
+      self.set_middleware
+      self
+    end
+
+    @@file_path = nil
+
+    def self.file_path=(path)
+      @@file_path = path
+    end
+
+    def self.file_path
+      @@file_path || "#{Rails.root}/config/omniauth.yml"
+    end
+
+    def self.availables(&block)
+      rtn = self.instance.delete_if{|key,conf|
+        !(conf['key'] && conf['secret'])
+      }
+      rtn.each do |oauth_provider_symbol,conf|
+        name = conf['name'] || oauth_provider_symbol
+        block.call(name,conf,oauth_provider_symbol)
+      end if block
+      rtn
+    end
+
+    def self.request_path(name)
+      "/auth/#{name}"
+    end
+
+    def self.callback_path(name)
+      "/auth/#{name}/callback"
+    end
+
+    def self.auth_callback_as(name)
+      "auth_callback_#{name}"
+    end
+
+    def self.auth_as(name)
+      "auth_#{name}"
+    end
+
+    def self.set_middleware
+      mw = Rails.application.config.middleware
+      mw.delete OmniAuth::Builder
+      mw.use OmniAuth::Builder do
+        WeBridgeRailsEngineUsers::ProviderSettings.availables do |name, conf, oauth_provider_symbol|
+          conf = conf.symbolize_keys
+          key,secret = conf[:key], conf[:secret]
+          conf.merge!(
+            request_path:  ProviderSettings.request_path(name),
+            callback_path: ProviderSettings.callback_path(name))
+          provider oauth_provider_symbol, key, secret, conf.merge(key: nil, secret: nil, name: nil)
+        end
+      end
+    end
+  end
+end

data/lib/we_bridge_rails_engine_users/version.rb

@@ -0,0 +1,3 @@
+module WeBridgeRailsEngineUsers
+  VERSION = "0.1.0"
+end

data/spec/controllers/sessions_controller_spec.rb

@@ -0,0 +1,95 @@
+require 'rails_helper'
+RSpec.describe SessionsController, type: :controller do
+
+  # This should return the minimal set of attributes required to create a valid
+  # model. As you add validations to model, be sure to
+  # adjust the attributes here as well.
+  let(:valid_attributes) {
+    {email: 'tester@baseball-bridge.org', lang_id: Lang.find_or_create_by(code: :ja).id}
+  }
+
+  let(:invalid_attributes) {
+    {lang_id: nil}
+  }
+
+  # This should return the minimal set of values that should be in the session
+  # in order to pass any filters (e.g. authentication) defined in
+  # Controller. Be sure to keep this updated too.
+  let(:valid_session) { {} }
+
+  let(:model) { User }
+
+  let(:new_attributes) {
+    valid_attributes.merge(email: 'tester2@baseball-bridge.org')
+  }
+
+  describe "GET #login" do
+    it "assigns all records as @records" do
+#      record = model.create! valid_attributes
+      get :login, {}, valid_session
+#      expect(assigns(:records)).to eq([record])
+    end
+  end
+
+  describe "GET #login" do
+    it "login page" do
+      get :login
+      expect(response.status).to eq(200)
+    end
+  end
+
+  describe "GET #callback" do
+    before :each do
+      WeBridgeRailsEngineUsers::ProviderSettings.file_path = File.expand_path('../../omniauth.yml',__FILE__)
+    end
+    let(:auth){
+      provider = nil
+      WeBridgeRailsEngineUsers::ProviderSettings.availables do |name|
+        provider = name; break;
+      end
+      {
+        'provider' => provider,
+        'uid' => '123545',
+        'info' => {
+          'email' => 'tester@baseball-bridge.org',
+          'image' => 'http://www.baseball-bridge.org/image/1.jpg'
+        }
+      }
+    }
+
+    before do
+      request.env["omniauth.auth"] = auth
+      # @path = WeBridgeRailsEngineUsers::ProviderSettings.callback_path(auth['provider'])
+    end
+
+    it "no user , no account" do
+      get :callback, provider: auth['provider']
+    end
+
+    it "no user , some account" do
+      UserAccount.find_or_create_by(user_id: -1, provider: auth['provider'], uid: auth['uid'])
+      get :callback, provider: auth['provider']
+    end
+
+    it "some user , some account" do
+      user = User.create!(lang_id: 1)
+      ua = UserAccount.find_or_create_by(provider: auth['provider'], uid: auth['uid'], user_id: user.id)
+      get :callback, provider: auth['provider']
+    end
+  end
+
+  describe "GET #failure" do
+    it "normal" do
+      get :failure
+      expect(response).to redirect_to(action: :login)
+    end
+  end
+
+  describe "GET #logout" do
+    it "normal" do
+      get :logout, {}, {user_id: 1}
+      expect(session[:user_id]).to be_nil
+      expect(response).to redirect_to(action: :login)
+    end
+  end
+end

data/spec/controllers/users_controller_spec.rb

@@ -0,0 +1,182 @@
+require 'rails_helper'
+
+# This spec was generated by rspec-rails when you ran the scaffold generator.
+# It demonstrates how one might use RSpec to specify the controller code that
+# was generated by Rails when you ran the scaffold generator.
+#
+# It assumes that the implementation code is generated by the rails scaffold
+# generator.  If you are using any extension libraries to generate different
+# controller code, this generated spec may or may not pass.
+#
+# It only uses APIs available in rails and/or rspec-rails.  There are a number
+# of tools you can use to make these specs even more expressive, but we're
+# sticking to rails and rspec-rails APIs to keep things simple and stable.
+#
+# Compared to earlier versions of this generator, there is very limited use of
+# stubs and message expectations in this spec.  Stubs are only used when there
+# is no simpler way to get a handle on the object needed for the example.
+# Message expectations are only used when there is no simpler way to specify
+# that an instance is receiving a specific message.
+
+RSpec.describe UsersController, type: :controller do
+
+  # This should return the minimal set of attributes required to create a valid
+  # model. As you add validations to model, be sure to
+  # adjust the attributes here as well.
+  let(:valid_attributes) {
+    {email: 'tester@baseball-bridge.org', lang_id: Lang.find_or_create_by(code: :ja).id}
+  }
+
+  let(:invalid_attributes) {
+    {lang_id: nil}
+  }
+
+  # This should return the minimal set of values that should be in the session
+  # in order to pass any filters (e.g. authentication) defined in
+  # Controller. Be sure to keep this updated too.
+  let(:valid_user){ User.create!(valid_attributes) }
+  let(:valid_user2){ User.create!(valid_attributes) }
+
+  let(:valid_session) { {user_id: valid_user.id} }
+
+  let(:logout_session) { valid_session.merge(user_id: nil)  }
+
+  let(:login_session) { valid_session }
+
+  let(:model) { User }
+
+  let(:new_attributes) {
+    valid_attributes.merge(email: 'tester2@baseball-bridge.org')
+  }
+
+  def index_path
+    users_path
+  end
+
+  def show_path(params)
+    user_path(params)
+  end
+
+  def edit_path(params)
+    edit_user_path(params)
+  end
+
+  def new_path
+    new_user_path
+  end
+
+  describe "GET #index" do
+    it "assigns all records as @records" do
+      record = model.create! valid_attributes
+      get :index, {}, logout_session
+      expect(assigns(:records)).to eq([record,valid_user])
+    end
+  end
+
+  describe "GET #show" do
+    it "assigns the requested record as @record" do
+      record = model.create! valid_attributes
+      get :show, {:id => record.id}, valid_session
+      expect(assigns(:record)).to eq(record)
+    end
+  end
+
+  describe "GET #new" do
+    it "no routing" do
+      expect{
+        get :new, {}, valid_session
+      }.to raise_error(ActionController::UrlGenerationError)
+    end
+  end
+
+  describe "user is self required" do
+    let!(:record){ valid_user }
+
+    before do
+    end
+
+    describe "GET #edit" do
+      it "assigns the requested record as @record" do
+        get :edit, {:id => record.id}, login_session
+        expect(assigns(:record)).to eq(record)
+      end
+
+      it "another user" do
+        get :edit, {:id => record.id}, {user_id: valid_user2.id}
+        expect(response.status).to eq(403)
+      end
+
+      it "not logged in" do
+        get :edit, {:id => record.id}, logout_session
+        expect(response.status).to eq(401)
+      end
+    end
+
+    describe "PUT #update" do
+      context "with valid params" do
+        it "updates the requested record" do
+          put :update, {:id => record.id, model.table_name => new_attributes}, login_session
+          record.reload
+          new_attributes.each do |k,v|
+            expect(record[k].to_s).to eq(v.to_s)
+          end
+        end
+
+        it "assigns the requested record as @record" do
+          put :update, {:id => record.id, model.table_name => valid_attributes}, login_session
+          expect(assigns(:record)).to eq(record)
+        end
+
+        it "redirects to the record" do
+          put :update, {:id => record.id, model.table_name => valid_attributes}, login_session
+          expect(response).to redirect_to(record)
+        end
+      end
+
+      context "with invalid params" do
+        it "assigns the record as @record" do
+          put :update, {:id => record.id, model.table_name => invalid_attributes}, login_session
+          expect(response).to redirect_to(edit_path(id: record.id))
+        end
+
+        it "re-renders the 'edit' template" do
+          put :update, {:id => record.id, model.table_name => invalid_attributes}, login_session
+          expect(response).to redirect_to(edit_path(id: record.id))
+        end
+      end
+
+      it "another user" do
+        put :update, {:id => record.id}, {user_id: valid_user2.id}
+        expect(response.status).to eq(403)
+      end
+
+      it "not logged in" do
+        put :update, {:id => record.id}, logout_session
+        expect(response.status).to eq(401)
+      end
+    end
+
+    describe "DELETE #destroy" do
+      it "destroys the requested record" do
+        expect {
+          delete :destroy, {:id => record.id}, login_session
+        }.to change(model, :count).by(-1)
+      end
+
+      it "destroys the requested record redirect" do
+        delete :destroy, {:id => record.id}, login_session
+        expect(response).to redirect_to(index_path)
+      end
+
+      it "another user" do
+        delete :destroy, {:id => record.id}, {user_id: valid_user2.id}
+        expect(response.status).to eq(403)
+      end
+
+      it "not logged in" do
+        delete :destroy, {:id => record.id}, logout_session
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+end