zuora_connect 2.0.57e → 2.0.57f

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9b2e138a9e6f9b4a52f7137f75f1e5b42ea0ec86d3b171200c8c1f72f420e354
-  data.tar.gz: 1a3623a3c7642fd58874073a40df968ca2cf873d57e37ce1b6cc73b4578a7a92
+  metadata.gz: abdb831ee4c52ca77b9d88bc6af7592d4c5675d969972f5df8cad88768da95c3
+  data.tar.gz: 2047383429c6d9aac57602e427e87c75be3bf281998287971b0f4e70c759c266
 SHA512:
-  metadata.gz: 24c23ef88ab8eedae5a9f2f3a6dfd5f7e7156f9bbac0e1d8c17e6194ad88b28c0bdbb3ac6e7d6d4ff8a5000b8a0296bd122190c6e6e300b85597e4be9f0283c9
-  data.tar.gz: 13dfee8116281ea45195120f9ede4e7317eb80b6fe138e912207c5ab6106f931516e251c95dc470efcc1d30dc46863216c5bb8d4124d03ad74b145ce09f67884
+  metadata.gz: d2fee7867ef23c4057389bc4c9ba97304e4ea29310f8408df18790333fde7eb6709a8e0f02f9610b5ffb9c4354134917f4b2e6fef5e3dc56c8baf6e3dd29e11b
+  data.tar.gz: e69ed51eee1b04b4fd51d51c005b3aabf833fbcb71c8680694bc66406f00ae392e279e4f85c55bf2dd41f33a53c9eeca53e0ffa709c9cb76ebab489efe4e3842

data/app/views/zuora_connect/static/launch.html.erb

@@ -3,12 +3,7 @@
     <title>Select Task ID</title>
     <meta name="viewport" content="width=device-width,initial-scale=1">
     <style>
-      body {
-        background-color: #EFEFEF;
-        margin: 0;
-      }
-
-      div.connect-dialog {
+      .connect-dialog {
         width: 95%;
         max-width: 33em;
         margin: 4em auto 0;
@@ -16,7 +11,11 @@
         text-align: center;
       }
 
-      div.connect-dialog > div {
+      .connect-dialog div {
+        background-color: white;
+        color: #2E2F30;
+        text-align: center;
+        font-family: arial, sans-serif;
         margin: 0 0 1em;
         border: 1px solid #CCC;
         border-right-color: #999;
@@ -27,19 +26,17 @@
         border-top-right-radius: 9px;
         border-bottom-left-radius: 9px;
         border-bottom-right-radius: 9px;
-        background-color: white;
         padding: 7px 12% 0;
         box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
       }
 
-      div.connect-dialog > h1 {
+      .connect-dialog h1 {
         font-size: 100%;
         color: #3D4B5A;
         line-height: 1.5em;
       }
 
-        
-      div.connect-dialog > div.launch_button {
+      .connect-dialog .launch_button {
         margin: 1em 0 1em;
         margin-right: auto;
         margin-left: auto;

data/lib/zuora_connect/controllers/helpers.rb

@@ -149,24 +149,24 @@ module ZuoraConnect
         ZuoraConnect::AppInstance.destroy(id)
         Apartment::Tenant.drop(id)
         render "zuora_connect/static/error_handled", :locals => {
-          :title => "Application Setup Error", 
+          :title => "Application Setup Error",
           :message => "Application cannot be run using Zuora Session. Delete old application \
           deployment and create new with Zuora Basic or OAuth credentials."
         }, :layout => false
-        return 
+        return
       rescue ZuoraConnect::Exceptions::AccessDenied => ex
         respond_to do |format|
-          format.html { 
+          format.html {
             render "zuora_connect/static/error_handled", :locals => {
-                :title => "Application State Error", 
+                :title => "Application State Error",
                 :message => ex.message
-              }, status: 401, layout: false 
+              }, status: 401, layout: false
           }
-          format.js { 
+          format.js {
             render "zuora_connect/static/error_handled", :locals => {
-                :title => "Application State Error", 
+                :title => "Application State Error",
                 :message => ex.message
-              }, status: 401, layout: false 
+              }, status: 401, layout: false
           }
           format.json { render json: {'errors' => ex.message}, status: 401 }
           format.all { render json: ex.message, status: 401 }
@@ -196,17 +196,17 @@ module ZuoraConnect
           raise ZuoraConnect::Exceptions::AccessDenied.new("User is not an authorized admin for this application") if raise_error
 
           respond_to do |format|
-            format.html { 
+            format.html {
               render "zuora_connect/static/error_handled", :locals => {
-                  :title => "Unauthorized", 
+                  :title => "Unauthorized",
                   :message => "User is not an authorized admin for this application"
                 }, status: 401, :layout => false
             }
-            format.js { 
+            format.js {
               render "zuora_connect/static/error_handled", :locals => {
-                  :title => "Unauthorized", 
+                  :title => "Unauthorized",
                   :message => "User is not an authorized admin for this application"
-                }, status: 401, :layout => false 
+                }, status: 401, :layout => false
             }
             format.json { render json: {'errors' => ex.message}, status: 401 }
             format.all { render json: ex.message, status: 401 }
@@ -246,7 +246,7 @@ module ZuoraConnect
             auth_headers.merge!({'Authorization' => "ZSession-a3N2w #{zuora_client.get_session(prefix: false, auth_type: :basic)}"})
           else
             render "zuora_connect/static/error_handled", :locals => {
-              :title => "Missing Authorization Token", 
+              :title => "Missing Authorization Token",
               :message => "Zuora 'Zuora-Auth-Token' header and 'ZSession' cookie not present."
             }, :layout => false
             return
@@ -268,27 +268,34 @@ module ZuoraConnect
                 if zuora_tenant_id.to_s == "10548"
                   session.clear
                   render "zuora_connect/static/error_handled", :locals => {
-                    :title => "Security Testing", 
+                    :title => "Security Testing",
                     :message => "Ya we know it you"
                   }, :layout => false
                   return
                 else
-                  raise ZuoraConnect::Exceptions::Error.new("Header entity id does not match identity call entity id.") 
+                  raise ZuoraConnect::Exceptions::Error.new("Header entity id does not match identity call entity id.")
                 end
               end
 
+              ##
+              # If the ZSession was refreshed, but it's still the same user and they aren't launching from the side bar,
+              # we don't need to continue
+              is_same_user = identity.slice("entityId", "tenantId", "userId", "userProfileId") == session.slice("entityId", "tenantId", "userId", "userProfileId")
+              zuora_details["identity"]["entityId"] = identity['entityId']
               session["ZuoraCurrentIdentity"] = identity
               session["ZuoraCurrentEntity"] = identity['entityId']
               session["ZSession"] = cookies['ZSession']
-              zuora_instance_id = nil
-              zuora_details["identity"]["entityId"] = identity['entityId']
-
-              client_describe, response = zuora_client.rest_call(
-                url: zuora_client.rest_endpoint("genesis/user/info").gsub('v1/', ''), 
-                session_type: zuora_client.class == ZuoraAPI::Oauth ? :bearer : :basic, 
-                headers: auth_headers
-              )
-              session["ZuoraCurrentUserInfo"] = client_describe
+              unless is_same_user && !params[:sidebar_launch].to_s.to_bool
+                zuora_instance_id = nil
+                ZuoraConnect.logger.debug("UI Authorization", zuora: zuora_details)
+
+                client_describe, response = zuora_client.rest_call(
+                    url: zuora_client.rest_endpoint("genesis/user/info").gsub('v1/', ''),
+                    session_type: zuora_client.class == ZuoraAPI::Oauth ? :bearer : :basic,
+                    headers: auth_headers
+                )
+                session["ZuoraCurrentUserInfo"] = client_describe
+              end
             end
 
             #Find matching app instances.
@@ -296,7 +303,7 @@ module ZuoraConnect
               appinstances = ZuoraConnect::AppInstance.where("zuora_entity_ids ?& array[:entities] = true AND zuora_domain = :host AND id = :id", entities: [zuora_entity_id], host: zuora_client.rest_domain, id: zuora_instance_id.to_i).pluck(:id, :name)
             else
               #if app_instance_ids is present then permissions still controlled by connect
-              if params[:app_instance_ids].present? 
+              if params[:app_instance_ids].present?
                 navbar, response = zuora_client.rest_call(url: zuora_client.rest_endpoint("navigation"))
                 urls = navbar['menus'].map {|x| x['url']}
                 app_env = ENV["DEIS_APP"] || "xyz123"
@@ -304,7 +311,7 @@ module ZuoraConnect
                 if url.blank?
                   if navbar['menus'].map {|x| x['label']}.include?('Link Connect Account')
                     render "zuora_connect/static/error_handled", :locals => {
-                      :title => "Link Account", 
+                      :title => "Link Account",
                       :message => "Link Connect account to gain access to application."
                     }, :layout => false
                     return
@@ -330,7 +337,7 @@ module ZuoraConnect
               ZuoraConnect.logger.debug("Instance is #{appinstances.to_h.keys.first}")
               @appinstance = ZuoraConnect::AppInstance.find(appinstances.to_h.keys.first)
 
-              #Add user/update 
+              #Add user/update
               begin
                 @zuora_user = ZuoraConnect::ZuoraUser.where(:zuora_user_id => zuora_user_id).first
               rescue ActiveRecord::StatementInvalid => ex
@@ -350,7 +357,7 @@ module ZuoraConnect
               else
                 ZuoraConnect.logger.debug("New zuora user object for #{zuora_user_id}")
                 @zuora_user = ZuoraConnect::ZuoraUser.create!(:zuora_user_id => zuora_user_id, :zuora_identity_response => {zuora_entity_id => session["ZuoraCurrentIdentity"]})
-              end 
+              end
               @zuora_user.session = session
               session["#{@appinstance.id}::user::localUserId"] = @zuora_user.id
               session["#{@appinstance.id}::user::email"] = session['ZuoraCurrentIdentity']["username"]
@@ -359,19 +366,19 @@ module ZuoraConnect
               session["appInstance"] = @appinstance.id
 
             #We have multiple, user must pick
-            elsif appinstances.size > 1 
+            elsif appinstances.size > 1
               ZuoraConnect.logger.debug("User must select instance. #{@names}")
               render "zuora_connect/static/launch", :locals => {:names => appinstances.to_h}, :layout => false
               return
 
             #We have no deployed instance for this tenant
-            else 
-              #Ensure user can access oauth creation API 
+            else
+              #Ensure user can access oauth creation API
               if !session["ZuoraCurrentUserInfo"]['permissions'].include?("permission.userManagement")
                 Thread.current[:appinstance] = nil
                 session["appInstance"] = nil
                 render "zuora_connect/static/error_handled", :locals => {
-                  :title => "Application can only complete its initial setup via platform administrator", 
+                  :title => "Application can only complete its initial setup via platform administrator",
                   :message => "Please contact admin who has user managment permissions in tenant and have them click and finish setup."
                 }, :layout => false
                 return
@@ -389,20 +396,20 @@ module ZuoraConnect
                 next_id = (ZuoraConnect::AppInstance.all.where('id > 24999999').order(id: :desc).limit(1).pluck(:id).first || 24999999) + 1
                 user = (ENV['DEIS_APP'] || "Application").split('-').map(&:capitalize).join(' ')
                 body = {
-                  'userId' => zuora_user_id, 
-                  'entityIds' => [zuora_entity_id.unpack("a8a4a4a4a12").join('-')], 
-                  'customAuthorities' => [], 
+                  'userId' => zuora_user_id,
+                  'entityIds' => [zuora_entity_id.unpack("a8a4a4a4a12").join('-')],
+                  'customAuthorities' => [],
                   'additionalInformation' => {
-                    'description' => "This user is for #{user} application.", 
+                    'description' => "This user is for #{user} application.",
                     'name' => "#{user} API User #{next_id}"
                   }
                 }
 
                 oauth_response, response = zuora_client.rest_call(
-                  method: :post, 
-                  body: body.to_json, 
-                  url: zuora_client.rest_endpoint("genesis/clients").gsub('v1/', ''), 
-                  session_type: zuora_client.class == ZuoraAPI::Oauth ? :bearer : :basic, 
+                  method: :post,
+                  body: body.to_json,
+                  url: zuora_client.rest_endpoint("genesis/clients").gsub('v1/', ''),
+                  session_type: zuora_client.class == ZuoraAPI::Oauth ? :bearer : :basic,
                   headers: auth_headers
                 )
 
@@ -444,7 +451,7 @@ module ZuoraConnect
                     Thread.current[:appinstance] = nil
                     session["appInstance"] = nil
                     render "zuora_connect/static/error_handled", :locals => {
-                      :title => "Application could not create unique tokens.", 
+                      :title => "Application could not create unique tokens.",
                       :message => "Please contact support or retry launching application."
                     }, :layout => false
                     return
@@ -477,7 +484,7 @@ module ZuoraConnect
             end
             redirect_to "https://#{zuora_host}/apps/newlogin.do?retURL=#{request.fullpath}"
             return
-         
+
           rescue ZuoraAPI::Exceptions::ZuoraAPIError, Exception => ex
             if ex.message.include?("Referenced User resource(s) not found") && ex.class == ZuoraAPI::Exceptions::ZuoraAPIError
               locals = {title: "Provisioning Error", message: "New tenats need to be provisioned by API Gateway('#{ex.message}'). Please contact support."}
@@ -490,7 +497,7 @@ module ZuoraConnect
               ZuoraConnect.logger.error("UI Authorization Error", ex, zuora: zuora_details)
               render "zuora_connect/static/error_unhandled", locals: {exception: ex, skip_exception: true}, layout: false, status: 500
             end
-            return              
+            return
           end
         elsif request["data"] && /^([A-Za-z0-9+\/\-\_]{4})*([A-Za-z0-9+\/]{4}|[A-Za-z0-9+\/]{3}=|[A-Za-z0-9+\/]{2}==)$/.match(request["data"].to_s)
           session.clear
@@ -529,10 +536,10 @@ module ZuoraConnect
             else
               raise ZuoraConnect::Exceptions::AccessDenied.new("Authorization mismatch. Possible tampering with session.")
             end
-          end 
+          end
         else
           if session["appInstance"].present?
-            @appinstance = ZuoraConnect::AppInstance.find_by(:id => session["appInstance"]) 
+            @appinstance = ZuoraConnect::AppInstance.find_by(:id => session["appInstance"])
           else
             raise ZuoraConnect::Exceptions::AccessDenied.new("No application state or session found.")
           end

data/lib/zuora_connect/version.rb

@@ -1,3 +1,3 @@
 module ZuoraConnect
-  VERSION = "2.0.57e"
+  VERSION = "2.0.57f"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: zuora_connect
 version: !ruby/object:Gem::Version
-  version: 2.0.57e
+  version: 2.0.57f
 platform: ruby
 authors:
 - Connect Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-04-22 00:00:00.000000000 Z
+date: 2020-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: apartment