zuora_connect 3.1.5.pre.e → 3.1.5.pre.g
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/zuora_connect/static_controller.rb +2 -1
- data/app/models/zuora_connect/app_instance_base.rb +7 -1
- data/app/models/zuora_connect/zuora_user.rb +1 -1
- data/lib/zuora_connect/controllers/helpers.rb +78 -4
- data/lib/zuora_connect/exceptions.rb +2 -1
- data/lib/zuora_connect/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bf4d387450ce6927d341515534491f97406c5ae7a083aa95733db6f78259fa0e
|
|
4
|
+
data.tar.gz: b65d9eaf5e74d8cc5ad87fa089504f559454a1aa608b941dafecfc6bccd1e71e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4a4992ccb7dc60276ce8723a97d999b6b046eeba6391c1a080ddda8fd01dbf0e8895ce7194334e3532ba49c996b569d61e3c059fc9ac4529494c570185423a08
|
|
7
|
+
data.tar.gz: 66d66669ee2189d94c7f548fa5c48ff3a8c8f349655113b808a7676e0b6d5221d482b1d499b3228e9921e75ab1c178061ce66415c74870c57d462feabcfcab89
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
module ZuoraConnect
|
|
2
|
+
require "resolv"
|
|
2
3
|
class StaticController < ApplicationController
|
|
3
4
|
before_action :authenticate_connect_app_request, :except => [:health, :initialize_app, :provision, :instance_user, :instance_drop]
|
|
4
5
|
before_action :clear_connect_app_session, :only => [:health, :initialize_app, :provision, :instance_user, :instance_drop]
|
|
@@ -124,7 +125,7 @@ module ZuoraConnect
|
|
|
124
125
|
|
|
125
126
|
def instance_drop
|
|
126
127
|
host = request.headers.fetch("HOST", nil)
|
|
127
|
-
if host.present? && ZuoraConnect::AppInstance::INTERNAL_HOSTS.include?(host)
|
|
128
|
+
if host.present? && (ZuoraConnect::AppInstance::INTERNAL_HOSTS.include?(host) || host =~ Resolv::IPv4::Regex)
|
|
128
129
|
ZuoraConnect::AppInstance.read_master_db do
|
|
129
130
|
instance_id = params[:id]
|
|
130
131
|
@appinstance = ZuoraConnect::AppInstance.find(instance_id)
|
|
@@ -519,7 +519,7 @@ module ZuoraConnect
|
|
|
519
519
|
rescue ArgumentError, OpenSSL::Cipher::CipherError => ex
|
|
520
520
|
if (
|
|
521
521
|
ex.is_a?(ArgumentError) && ['invalid base64', 'data must not be empty'].include?(ex.message) ||
|
|
522
|
-
|
|
522
|
+
ex.is_a?(OpenSSL::Cipher::CipherError) && ['wrong final block length', 'bad decrypt'].include?(ex.message)
|
|
523
523
|
) && encryption_type == :envelope && (kms_tries += 1) < 3
|
|
524
524
|
ZuoraConnect.logger.warn("Fallback to encryption 'direct', from '#{encryption_type}'", ex, self.default_ougai_items)
|
|
525
525
|
encryption_type = :direct
|
|
@@ -907,6 +907,12 @@ module ZuoraConnect
|
|
|
907
907
|
|
|
908
908
|
session["#{self.id}::last_refresh"] = self.last_refresh
|
|
909
909
|
session["appInstance"] = self.id
|
|
910
|
+
|
|
911
|
+
unless ZuoraConnect::ZuoraUser.current_org_child_org_ids.nil?
|
|
912
|
+
session["zuora_org_id"] = ZuoraConnect::ZuoraUser.current_org_id
|
|
913
|
+
session["zuora_org_child_org_ids"] = ZuoraConnect::ZuoraUser.current_org_child_org_ids
|
|
914
|
+
end
|
|
915
|
+
|
|
910
916
|
return session
|
|
911
917
|
end
|
|
912
918
|
|
|
@@ -3,7 +3,7 @@ module ZuoraConnect
|
|
|
3
3
|
self.table_name = "zuora_users"
|
|
4
4
|
attr_accessor :session
|
|
5
5
|
|
|
6
|
-
cattr_accessor :current_user_id, :current_org_id
|
|
6
|
+
cattr_accessor :current_user_id, :current_org_id, :current_org_child_org_ids
|
|
7
7
|
|
|
8
8
|
# zuora_user_id/zuora_entity_id both come from cookie or headers
|
|
9
9
|
# zuora_current_identity comes from session
|
|
@@ -21,7 +21,6 @@ module ZuoraConnect
|
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
ZuoraConnect::ZuoraUser.current_user_id = request.headers["Zuora-User-Id"]
|
|
24
|
-
ZuoraConnect::ZuoraUser.current_org_id = request.headers["Zuora-Org-Id"]
|
|
25
24
|
|
|
26
25
|
if request.headers["API-Token"].present?
|
|
27
26
|
@appinstance = ZuoraConnect::AppInstance.find_by(:api_token => request.headers["API-Token"])
|
|
@@ -67,6 +66,39 @@ module ZuoraConnect
|
|
|
67
66
|
end
|
|
68
67
|
|
|
69
68
|
@zuora_user = ZuoraConnect::ZuoraUser.find_by(zuora_user_id: ZuoraConnect::ZuoraUser.current_user_id)
|
|
69
|
+
|
|
70
|
+
zuora_org_id = request.headers["Zuora-Org-Id"]
|
|
71
|
+
zuora_return_nested_orgs_data = request.headers['Zuora-Return-Nested-Orgs-Data'].to_bool
|
|
72
|
+
ZuoraConnect::ZuoraUser.current_org_id = zuora_org_id
|
|
73
|
+
ZuoraConnect::ZuoraUser.current_org_child_org_ids = nil
|
|
74
|
+
|
|
75
|
+
if zuora_return_nested_orgs_data
|
|
76
|
+
cached_session = @appinstance.data_lookup(session: session)
|
|
77
|
+
|
|
78
|
+
if cached_session['zuora_org_id'] == ZuoraConnect::ZuoraUser.current_org_id &&
|
|
79
|
+
cached_session.key?('zuora_org_child_org_ids')
|
|
80
|
+
ZuoraConnect::ZuoraUser.current_org_child_org_ids = cached_session['zuora_org_child_org_ids']
|
|
81
|
+
else
|
|
82
|
+
begin
|
|
83
|
+
zuora_client = @appinstance.target_login.client
|
|
84
|
+
child_org_list, _ =
|
|
85
|
+
zuora_client.rest_call(
|
|
86
|
+
url: zuora_client.
|
|
87
|
+
rest_endpoint("tenant-registry/listChildOrgsForOrg/#{ZuoraConnect::ZuoraUser.current_org_id}").
|
|
88
|
+
gsub('v1/', ''),
|
|
89
|
+
session_type: zuora_client.is_a?(ZuoraAPI::Oauth) ? :bearer : :basic,
|
|
90
|
+
zuora_track_id: ZuoraConnect::RequestIdMiddleware.zuora_request_id
|
|
91
|
+
)
|
|
92
|
+
rescue ZuoraAPI::Exceptions::ZuoraAPIError => ex
|
|
93
|
+
if ex.message.include?('organization does not exist')
|
|
94
|
+
raise ZuoraConnect::Exceptions::OrganizationAccessForbidden
|
|
95
|
+
else
|
|
96
|
+
raise
|
|
97
|
+
end
|
|
98
|
+
end
|
|
99
|
+
ZuoraConnect::ZuoraUser.current_org_child_org_ids = child_org_list.map { |org| org['id'] }
|
|
100
|
+
end
|
|
101
|
+
end
|
|
70
102
|
end
|
|
71
103
|
end
|
|
72
104
|
|
|
@@ -416,11 +448,8 @@ module ZuoraConnect
|
|
|
416
448
|
appinstances ||= ZuoraConnect::AppInstance.where("zuora_entity_ids ?& array[:entities] = true AND zuora_domain = :host", entities: [zuora_entity_id], host: zuora_client.rest_domain).pluck(:id, :name)
|
|
417
449
|
end
|
|
418
450
|
|
|
419
|
-
zuora_org_id = cookies['Zuora-Org-Id'] || request.headers['Zuora-User-Id']
|
|
420
451
|
zuora_user_id = cookies['Zuora-User-Id'] || session["ZuoraCurrentIdentity"]['userId'] || request.headers["Zuora-User-Id"]
|
|
421
452
|
|
|
422
|
-
ZuoraConnect::ZuoraUser.current_org_id = zuora_org_id
|
|
423
|
-
|
|
424
453
|
if appinstances.size == 1
|
|
425
454
|
ZuoraConnect.logger.debug("Instance is #{appinstances.to_h.keys.first}")
|
|
426
455
|
@appinstance = ZuoraConnect::AppInstance.find(appinstances.to_h.keys.first)
|
|
@@ -561,6 +590,40 @@ module ZuoraConnect
|
|
|
561
590
|
session["appInstance"] = @appinstance.id
|
|
562
591
|
end
|
|
563
592
|
|
|
593
|
+
zuora_org_id = cookies['Zuora-Org-Id'] || request.headers['Zuora-Org-Id']
|
|
594
|
+
zuora_return_nested_orgs_data =
|
|
595
|
+
cookies['Zuora-Return-Nested-Orgs-Data'].to_bool ||
|
|
596
|
+
request.headers['Zuora-Return-Nested-Orgs-Data'].to_bool
|
|
597
|
+
ZuoraConnect::ZuoraUser.current_org_id = zuora_org_id
|
|
598
|
+
ZuoraConnect::ZuoraUser.current_org_child_org_ids = nil
|
|
599
|
+
|
|
600
|
+
if zuora_return_nested_orgs_data
|
|
601
|
+
cached_session = @appinstance.data_lookup(session: session)
|
|
602
|
+
|
|
603
|
+
if cached_session['zuora_org_id'] == ZuoraConnect::ZuoraUser.current_org_id &&
|
|
604
|
+
cached_session.key?('zuora_org_child_org_ids')
|
|
605
|
+
ZuoraConnect::ZuoraUser.current_org_child_org_ids = cached_session['zuora_org_child_org_ids']
|
|
606
|
+
else
|
|
607
|
+
begin
|
|
608
|
+
child_org_list, _ =
|
|
609
|
+
zuora_client.rest_call(
|
|
610
|
+
url: zuora_client.
|
|
611
|
+
rest_endpoint("tenant-registry/listChildOrgsForOrg/#{ZuoraConnect::ZuoraUser.current_org_id}").
|
|
612
|
+
gsub('v1/', ''),
|
|
613
|
+
session_type: zuora_client.is_a?(ZuoraAPI::Oauth) ? :bearer : :basic,
|
|
614
|
+
headers: auth_headers,
|
|
615
|
+
zuora_track_id: ZuoraConnect::RequestIdMiddleware.zuora_request_id
|
|
616
|
+
)
|
|
617
|
+
rescue ZuoraAPI::Exceptions::ZuoraAPIError => ex
|
|
618
|
+
if ex.message.include?('organization does not exist')
|
|
619
|
+
raise ZuoraConnect::Exceptions::OrganizationAccessForbidden
|
|
620
|
+
else
|
|
621
|
+
raise
|
|
622
|
+
end
|
|
623
|
+
end
|
|
624
|
+
ZuoraConnect::ZuoraUser.current_org_child_org_ids = child_org_list.map { |org| org['id'] }
|
|
625
|
+
end
|
|
626
|
+
end
|
|
564
627
|
rescue ZuoraAPI::Exceptions::ZuoraAPIAuthenticationTypeError => ex
|
|
565
628
|
output_xml, input_xml, response = zuora_client.soap_call(errors: [], z_session: false, zuora_track_id: ZuoraConnect::RequestIdMiddleware.zuora_request_id) do |xml|
|
|
566
629
|
xml['api'].getUserInfo
|
|
@@ -577,6 +640,17 @@ module ZuoraConnect
|
|
|
577
640
|
redirect_to "https://#{zuora_host}/apps/newlogin.do?retURL=#{request.fullpath}&pos=1"
|
|
578
641
|
return
|
|
579
642
|
|
|
643
|
+
rescue ZuoraConnect::Exceptions::OrganizationAccessForbidden => ex
|
|
644
|
+
locals = {
|
|
645
|
+
title: "You cannot operate with the current organization",
|
|
646
|
+
message: "Please switch the organization and try again"
|
|
647
|
+
}
|
|
648
|
+
respond_to do |format|
|
|
649
|
+
format.html { render "zuora_connect/static/error_handled", locals: locals, status: 403, layout: false }
|
|
650
|
+
format.js { render "zuora_connect/static/error_handled", locals: locals, status: 202, layout: false }
|
|
651
|
+
format.json { render json: {'errors' => ex.message}, status: 403 }
|
|
652
|
+
format.all { render json: ex.message, status: 403 }
|
|
653
|
+
end
|
|
580
654
|
rescue ZuoraAPI::Exceptions::ZuoraAPIError, Exception => ex
|
|
581
655
|
if ex.message.include?("Referenced User resource(s) not found") && ex.class == ZuoraAPI::Exceptions::ZuoraAPIError
|
|
582
656
|
locals = {title: "Provisioning Error", message: "New tenants need to be provisioned by API Gateway('#{ex.message}'). Please contact support."}
|
|
@@ -66,12 +66,13 @@ module ZuoraConnect
|
|
|
66
66
|
end
|
|
67
67
|
end
|
|
68
68
|
|
|
69
|
+
|
|
69
70
|
class OrganizationAccessForbidden < Error
|
|
70
71
|
attr_writer :default_message
|
|
71
72
|
|
|
72
73
|
def initialize(message = nil)
|
|
73
74
|
@message = message
|
|
74
|
-
@default_message = "You are not authorized to access
|
|
75
|
+
@default_message = "You are not authorized to access with the current organization."
|
|
75
76
|
end
|
|
76
77
|
|
|
77
78
|
def to_s
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: zuora_connect
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.1.5.pre.
|
|
4
|
+
version: 3.1.5.pre.g
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Connect Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-11-
|
|
11
|
+
date: 2022-11-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: apartment
|