-rw-r--r--.gitignore4
-rw-r--r--Gemfile5
-rw-r--r--Gemfile.lock11
-rw-r--r--README.md68
-rw-r--r--Readme.md24
-rw-r--r--app/controllers/application_controller.rb7
-rw-r--r--app/views/home/index.html.haml8
-rw-r--r--config/config.yml.example8
-rw-r--r--config/initializers/load_config.rb1
-rw-r--r--help/app/controllers/tickets_controller.rb73
-rw-r--r--help/app/models/ticket.rb36
-rw-r--r--help/app/models/ticket_comment.rb14
-rw-r--r--help/app/views/tickets/_comment.html.haml13
-rw-r--r--help/app/views/tickets/_new_comment.html.haml3
-rw-r--r--help/app/views/tickets/index.html.haml10
-rw-r--r--help/app/views/tickets/new.html.haml16
-rw-r--r--help/app/views/tickets/show.html.haml26
-rw-r--r--help/config/routes.rb3
-rw-r--r--help/test/functional/tickets_controller_test.rb63
-rw-r--r--help/test/unit/ticket_comment_test.rb11
-rw-r--r--help/test/unit/ticket_test.rb8
-rw-r--r--test/dummy/app/controllers/application_controller.rb2
-rw-r--r--test/test_helper.rb3
-rw-r--r--users/app/controllers/application_controller.rb14
-rw-r--r--users/app/controllers/controller_extension/authentication.rb34
-rw-r--r--users/app/models/user.rb8
-rw-r--r--users/app/views/sessions/_nav.html.haml5
-rw-r--r--users/config/initializers/add_controller_methods.rb3
-rw-r--r--users/leap_web_users.gemspec2
-rw-r--r--users/test/functional/application_controller_test.rb29
-rw-r--r--users/test/functional/helper_methods_test.rb42
-rw-r--r--users/test/integration/api/account_flow_test.rb2
-rw-r--r--users/test/support/auth_test_helper.rb29
-rw-r--r--users/test/test_helper.rb1
-rw-r--r--users/test/unit/user_test.rb2
35 files changed, 512 insertions, 76 deletions
diff --git a/.gitignore b/.gitignore
index 3567ebd..d447b54 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,9 +13,13 @@
# Ignore all logfiles and tempfiles.
/log/*.log
/tmp
+*~
/pkg
/*/pkg
/log
*/Gemfile.lock
test/dummy/log/*
test/dummy/tmp/*
+
+# Ignore configuration file.
+config/config.yml \ No newline at end of file
diff --git a/Gemfile b/Gemfile
index 10c661a..8b13e51 100644
--- a/Gemfile
+++ b/Gemfile
@@ -9,7 +9,8 @@ eval(File.read(File.dirname(__FILE__) + '/ui_dependencies.rb'))
gem "leap_web_core", :path => 'core'
gem 'leap_web_users', :path => 'users'
gem 'leap_web_certs', :path => 'certs'
-# gem 'leap_web_help', :path => 'help'
+gem 'leap_web_help', :path => 'help'
# To use debugger
-gem 'ruby-debug'
+gem 'debugger', :platforms => :mri_19
+gem 'ruby-debug', :platforms => :mri_18
diff --git a/Gemfile.lock b/Gemfile.lock
index a9ca432..01a2291 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -15,12 +15,18 @@ PATH
rails (~> 3.2.8)
PATH
+ remote: help
+ specs:
+ leap_web_help (0.1.0)
+ leap_web_core (= 0.1.0)
+
+PATH
remote: users
specs:
leap_web_users (0.1.0)
leap_web_core (= 0.1.0)
rails_warden
- ruby-srp (~> 0.1.3)
+ ruby-srp (~> 0.1.4)
GEM
remote: https://rubygems.org/
@@ -140,7 +146,7 @@ GEM
ruby-debug-base (~> 0.10.4.0)
ruby-debug-base (0.10.4)
linecache (>= 0.3)
- ruby-srp (0.1.3)
+ ruby-srp (0.1.4)
sass (3.2.1)
sass-rails (3.2.5)
railties (~> 3.2.0)
@@ -178,6 +184,7 @@ DEPENDENCIES
jquery-rails
leap_web_certs!
leap_web_core!
+ leap_web_help!
leap_web_users!
mocha
ruby-debug
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..0e77d82
--- /dev/null
+++ b/README.md
@@ -0,0 +1,68 @@
+LEAP Web
+---------------------
+
+"LEAP Web" is the web-based component of the LEAP Platform, providing the following services:
+
+* REST API for user registration.
+* Admin interface to manage users.
+* Client certificate distribution and renewal.
+* User support help tickets.
+
+This web application is written in Ruby on Rails 3, using CouchDB as the backend data store.
+
+Original code specific to this web application is licensed under the GNU Affero General Public License (version 3.0 or higher). See http://www.gnu.org/licenses/agpl-3.0.html for more information.
+
+Documentation
+---------------------------
+
+For more information, see these files in the ``doc`` directory:
+
+* DEPLOY -- for notes on deployment.
+* DEVELOP -- for developer notes.
+* CUSTOM -- how to customize.
+
+Installation
+---------------------------
+
+Typically, this application is installed automatically as part of the LEAP Platform. To install it manually for testing or development, follow these instructions:
+
+### Install system requirements
+
+ sudo apt-get install git ruby1.8 rubygems1.8 couchdb
+ sudo gem install bundler
+
+On Debian Wheezy or later, there is a Debian package for bundler, so you can alternately run ``sudo apt-get install bundler``.
+
+### Download source
+
+ git clone git://leap.se/leap_web
+ cd leap_web
+ git submodule update --init
+
+### Install required ruby libraries
+
+ cd leap_web
+ bundle
+
+Typically, you run ``bundle`` as a normal user and it will ask you for a sudo password when it is time to install the required gems. If you don't have sudo, run ``bundle`` as root.
+
+Configuration
+----------------------------
+
+The webapp can hand out certs for the EIP client. These certs are either picked from a pool in CouchDB or from a file. For now you can either run [Leap CA](http://github.com/leapcode/leap_ca) to fill the pool or you can put your certs file in config/cert.
+
+We also ship provider information through the webapp. For now please add your eip-service.json to the public/config directory.
+
+Copy the example configuration file and customize as appropriate:
+ cp config/config.yml.example config/config.yml
+
+Running
+-----------------------------
+
+ cd leap_web
+ rails server
+
+Then open http://localhost:3000 in your web browser.
+
+To peruse the database, visit http://localhost:5984/_utils/
+
diff --git a/Readme.md b/Readme.md
deleted file mode 100644
index 8b51b4d..0000000
--- a/Readme.md
+++ /dev/null
@@ -1,24 +0,0 @@
-# Leap Web #
-
-Web application for LEAP. Currently Leap Web allows Leap providers to manage users, hand out certs for the EIP.
-
-## Functions ##
-
-### Supported ###
-
-* *User Management* - User Registration and Authentication
-* *Cert Distribution* - Certs for the Encrypted Internet Proxy
-
-### Under Development ###
-
-* *Help Desk* - Managing Help Requests
-
-
-## Documentation ##
-
-* [INSTALL](https://github.com/leapcode/leap_web/blob/master/INSTALL.md) for installation instructions
-* [DEPLOY](https://github.com/leapcode/leap_web/blob/master/DEPLOY.md) for deployment
-* [DEVELOP](https://github.com/leapcode/leap_web/blob/master/DEVELOP.md) for developer notes.
-* [CUSTOM](https://github.com/leapcode/leap_web/blob/master/CUSTOM.md) to customize.
-
-
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 693bd86..be7aa1f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,10 +1,5 @@
class ApplicationController < ActionController::Base
protect_from_forgery
- helper_method :current_user
-
- private
- def current_user
- @current_user ||= User.find(session[:user_id]) if session[:user_id]
- end
+ ActiveSupport.run_load_hooks(:application_controller, self)
end
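Review bot: The new `ActiveSupport.run_load_hooks(:application_controller, self)` line replaces the locally defined `current_user`, so this controller now has no `current_user` helper at all unless an engine initializer (here `users/config/initializers/add_controller_methods.rb`) runs and includes one, while `TicketsController` and the ticket views call it unconditionally. A one-line comment above the hook would make that dependency visible to the next reader: `# Engines add controller methods via ActiveSupport.on_load(:application_controller); nothing here defines current_user`.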
diff --git a/app/views/home/index.html.haml b/app/views/home/index.html.haml
index 0be7ca2..9e68674 100644
--- a/app/views/home/index.html.haml
+++ b/app/views/home/index.html.haml
@@ -1,3 +1,11 @@
Try to fetch a
= link_to "cert", cert_path
+
+%p
+Try to create a
+= link_to "ticket", new_ticket_path
+
+%p
+See all
+= link_to "tickets", tickets_path
diff --git a/config/config.yml.example b/config/config.yml.example
new file mode 100644
index 0000000..c34dd10
--- /dev/null
+++ b/config/config.yml.example
@@ -0,0 +1,8 @@
+development:
+ admins: [admin, admin2]
+
+test:
+ admins: [admin, admin2]
+
+production:
+ admins: []
diff --git a/config/initializers/load_config.rb b/config/initializers/load_config.rb
new file mode 100644
index 0000000..e687429
--- /dev/null
+++ b/config/initializers/load_config.rb
@@ -0,0 +1 @@
+APP_CONFIG = YAML.load_file("#{Rails.root}/config/config.yml")[Rails.env]
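Review bot: `[Rails.env]` on the new line yields nil when config.yml has no section for the current environment, and the failure only surfaces later as a NoMethodError inside `User#is_admin?` instead of at boot. `fetch` fails immediately with a clear KeyError naming the missing section: `APP_CONFIG = YAML.load_file("#{Rails.root}/config/config.yml").fetch(Rails.env)`. The file must also exist: `YAML.load_file` raises when `config/config.yml` (added to .gitignore by this commit) has not been copied from `config.yml.example`, which is worth a comment on this line since the README step is easy to miss.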
diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb
new file mode 100644
index 0000000..4c7415b
--- /dev/null
+++ b/help/app/controllers/tickets_controller.rb
@@ -0,0 +1,73 @@
+class TicketsController < ApplicationController
+
+ respond_to :html #, :json
+ #has_scope :open, :type => boolean
+
+ def new
+ @ticket = Ticket.new
+ @ticket.comments.build
+ end
+
+ def create
+ @ticket = Ticket.new(params[:ticket])
+ if current_user
+ @ticket.created_by = current_user.id
+ @ticket.email = current_user.email if current_user.email
+ @ticket.comments.last.posted_by = current_user.id
+ else
+ @ticket.comments.last.posted_by = nil #hacky, but protecting this attribute doesn't work right, so this should make sure it isn't set.
+ end
+
+ flash[:notice] = 'Ticket was successfully created.' if @ticket.save
+ respond_with(@ticket)
+
+ end
+
+=begin
+ def edit
+ @ticket = Ticket.find(params[:id])
+ @ticket.comments.build
+ # build ticket comments?
+ end
+=end
+
+ def show
+ @ticket = Ticket.find(params[:id])
+ # @ticket.comments.build
+ # build ticket comments?
+ end
+
+ def update
+ @ticket = Ticket.find(params[:id])
+ @ticket.attributes = params[:ticket]
+
+ @ticket.comments.last.posted_by = (current_user ? current_user.id : nil) #protecting posted_by isn't working, so this should protect it.
+
+ if @ticket.save
+ flash[:notice] = 'Ticket was successfully updated.'
+ respond_with @ticket
+ else
+ #redirect_to [:show, @ticket] #
+ flash[:alert] = 'Ticket has not been changed'
+ redirect_to @ticket
+ #respond_with(@ticket) # why does this go to edit?? redirect???
+ end
+ end
+
+ def index
+ # @tickets = Ticket.by_title #not actually what we will want
+ respond_with(@tickets = Ticket.all) #we'll want only tickets that this user can access
+ end
+
+ private
+
+ # not using now, as we are using comment_attributes= from the Ticket model
+=begin
+ def add_comment
+ comment = TicketComment.new(params[:comment])
+ comment.posted_by = User.current.id if User.current #could be nil
+ comment.posted_at = Time.now # TODO: it seems strange to have this here, and not in model
+ @ticket.comments << comment
+ end
+=end
+end
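Review bot: `create` and `update` both assign `@ticket.comments.last.posted_by` after mass-assigning `params[:ticket]`, so a request that carries no `comments_attributes` either raises NoMethodError on a fresh ticket (`comments.last` is nil) or, in `update`, rewrites the authorship of the ticket's existing last comment. Restrict the assignment to the comment this request appended, for example by wrapping it in `if params[:ticket] && params[:ticket][:comments_attributes]`, or move the posted_by handling into the model's `comments_attributes=` where the new comment is known. Separately, `show`, `update` and `index` perform no access check: any visitor who knows or guesses an id can read every ticket, including `email` and the `code` that is meant to serve as the unauthenticated creator's secret, and can change any attribute through `@ticket.attributes = params[:ticket]`; the comment on the `index` line acknowledges this, and it should be tracked before the help engine is exposed.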
diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb
index 784d7ef..f38fed2 100644
--- a/help/app/models/ticket.rb
+++ b/help/app/models/ticket.rb
@@ -15,8 +15,8 @@ class Ticket < CouchRest::Model::Base
=end
#belongs_to :user #from leap_web_users. doesn't necessarily belong to a user though
- property :created_by, Integer #nil unless user was authenticated for ticket creation, #THIS should not be changed after being set
- property :regarding_user, Integer # form cannot be submitted if they type in a username w/out corresponding ID. this field can be nil. for authenticated ticket creation by non-admins, should this just automatically be set to be same as created_by? or maybe we don't use this field unless created_by is nil?
+ property :created_by, String, :protected => true #Integer #nil unless user was authenticated for ticket creation, #THIS should not be changed after being set
+ #property :regarding_user, String#Integer # form cannot be submitted if they type in a username w/out corresponding ID. this field can be nil. for authenticated ticket creation by non-admins, should this just automatically be set to be same as created_by? or maybe we don't use this field unless created_by is nil?
#also, both created_by and regarding_user could be nil---say user forgets username, or has general question
property :title, String
property :email, String #verify
@@ -29,18 +29,27 @@ class Ticket < CouchRest::Model::Base
timestamps!
- before_validation :set_created_by, :set_code, :on => :create
+ #before_validation :set_created_by, :set_code, :set_email, :on => :create
+ before_validation :set_code, :set_email, :on => :create
+
+
+ #named_scope :open, :conditions => {:is_open => true} #??
design do
view :by_title
end
+ validates :title, :presence => true
+ #validates :comments, :presence => true #do we want it like this?
+
+ # html5 has built-in validation which isn't ideal, as it says 'please enter an email address' for invalid email addresses, which implies an email address is required, and it is not.
validates :email, :format => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/, :if => :email #email address is optional
- def set_created_by
- self.created_by = User.current if User.current
- end
+ #TODO:
+ #def set_created_by
+ # self.created_by = User.current if User.current
+ #end
def is_creator_validated?
!!created_by
@@ -51,6 +60,12 @@ class Ticket < CouchRest::Model::Base
self.code = SecureRandom.hex(8) if !is_creator_validated?
end
+
+ def set_email
+ self.email = nil if self.email == ""
+ # in controller set to be current users email if that exists
+ end
+
def close
self.is_open = false
save
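Review bot: `set_email` only normalizes the exact empty string, so a whitespace-only submission survives to the format validation on `email` and the ticket is rejected with an email error even though the field is optional. `self.email = nil if self.email.blank?` covers both cases using ActiveSupport's `blank?`. The comment inside the method ("in controller set to be current users email") describes the controller rather than this method; `# blank submissions count as "no email"; the controller may fill it from current_user` would document what this callback actually does.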
@@ -61,6 +76,15 @@ class Ticket < CouchRest::Model::Base
save
end
+ def comments_attributes=(attributes)
+
+ comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes)
+ #comment.posted_by = User.current.id if User.current #we want to avoid User.current, and current_user won't work here. instead will set in tickets_controller
+ comment.posted_at = Time.now
+ comments << comment
+
+ end
+
=begin
def validate
if email_address and not email_address.strip =~ RFC822::EmailAddress
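Review bot: `comments_attributes=` hands `attributes.values.first` straight to `TicketComment.new`, and this commit removes `:protected` from `posted_by` and `posted_at` in help/app/models/ticket_comment.rb, so both fields are now mass-assignable from the form; the controller overwrites them afterwards for `comments.last`, but the model itself accepts a client-chosen `posted_by`. Whitelist the one user-supplied field instead: `comment = TicketComment.new(:body => attributes.values.first[:body])` (controller params are indifferent-access; unit tests that pass plain hashes would need to agree on string or symbol keys). The method also silently discards every entry after the first and passes nil to `TicketComment.new` when the hash is empty; iterating `attributes.values` and skipping blank bodies would handle both. The `=begin` block that follows the new method continues outside the hunk.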
diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb
index 652133a..49e5c6c 100644
--- a/help/app/models/ticket_comment.rb
+++ b/help/app/models/ticket_comment.rb
@@ -2,13 +2,15 @@ class TicketComment
include CouchRest::Model::Embeddable
#belongs_to :ticket #is this best way to do it? will want to access all of a tickets comments, so maybe this isn't the way?
- property :posted_by, Integer, :protected => true# maybe this should be current_user if that is set, meaning the user is logged in #String # user??
+ property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes=. also, if it is protected and we set in the tickets_controller, it gets unset. TODO---is this okay to have it not protected and manually check it? We do not users to be able to set this.
# if the current user is not set, then we could just say the comment comes from an 'unauthenticated user', which would be somebody with the secret URL
- property :posted_at, Time, :protected => true
+ property :posted_at, Time#, :protected => true
#property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created
property :body, String
- before_validation :set_time#, :set_posted_by
+ # ? timestamps!
+ validates :body, :presence => true
+ #before_validation :set_time#, :set_posted_by
#design do
# view :by_posted_at
@@ -18,10 +20,14 @@ class TicketComment
def is_comment_validated?
!!posted_by
end
-
+
+=begin
+ #TODO.
+ #this is resetting all comments associated with the ticket:
def set_time
self.posted_at = Time.now
end
+=end
=begin
def set_posted_by
diff --git a/help/app/views/tickets/_comment.html.haml b/help/app/views/tickets/_comment.html.haml
new file mode 100644
index 0000000..1ba3bd1
--- /dev/null
+++ b/help/app/views/tickets/_comment.html.haml
@@ -0,0 +1,13 @@
+- # style is super ugly but just for now
+%div{:style => "border: solid 1px"}
+ - if User.find(comment.posted_by)
+ Posted by
+ = User.find(comment.posted_by).login
+ - else
+ Unauthenticated post
+ %p
+ Posted at
+ = comment.posted_at
+ %p
+ = comment.body
+ %p \ No newline at end of file
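Review bot: `User.find(comment.posted_by)` runs twice per rendered comment, once in the condition and again to print the login, doubling the database round trips on the show page; it is also called with nil for unauthenticated comments, relying on `find(nil)` returning nil rather than raising, which deserves confirmation for CouchRest. Look the user up once, `- poster = comment.posted_by && User.find(comment.posted_by)`, and branch on `poster`. The same double lookup appears for `@ticket.created_by` in help/app/views/tickets/show.html.haml.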
diff --git a/help/app/views/tickets/_new_comment.html.haml b/help/app/views/tickets/_new_comment.html.haml
new file mode 100644
index 0000000..a924dfd
--- /dev/null
+++ b/help/app/views/tickets/_new_comment.html.haml
@@ -0,0 +1,3 @@
+= #do we want this partial? not using it now
+= simple_fields_for :comment do |c|
+ = c.input :body, :label => 'Comment', :as => :text
diff --git a/help/app/views/tickets/index.html.haml b/help/app/views/tickets/index.html.haml
new file mode 100644
index 0000000..6db2140
--- /dev/null
+++ b/help/app/views/tickets/index.html.haml
@@ -0,0 +1,10 @@
+%h2 tickets index (just as space)
+Create a
+= link_to "new ticket", new_ticket_path
+= # below shouldn't be unless logged in
+%h2 Tickets
+= # want to have selection option to see tickets, that are open, closed or all
+- @tickets.each do |ticket|
+ %p
+ = link_to ticket.title, ticket
+= #render(:partial => "ticket", :collection => @tickets)
diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml
new file mode 100644
index 0000000..537b97f
--- /dev/null
+++ b/help/app/views/tickets/new.html.haml
@@ -0,0 +1,16 @@
+%h2=t :new_ticket
+= simple_form_for(@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test
+ = #@ticket.errors.messages
+ = f.input :title
+ = #f.input :email #if there is no current_user
+ = f.input :email if !current_user #hmm--might authenticated users want to submit an alternate email?
+
+ = f.simple_fields_for :comments do |c|
+ = c.input :body, :label => 'Comment', :as => :text
+
+ = #render :partial => 'new_comment' #what we were using
+ = # regarding_user if not logged in
+ = # email if not logged in
+ = #f.button :submit, :value => t(:submit), :class => 'btn-primary'
+ = f.button :submit
+ = link_to t(:cancel), tickets_path, :class => :btn
diff --git a/help/app/views/tickets/show.html.haml b/help/app/views/tickets/show.html.haml
new file mode 100644
index 0000000..a9b994e
--- /dev/null
+++ b/help/app/views/tickets/show.html.haml
@@ -0,0 +1,26 @@
+- if flash[:notice]
+ =flash[:notice]
+- if flash[:alert]
+ =flash[:alert]
+%h2= @ticket.title
+is open?
+= @ticket.is_open
+- if @ticket.code
+ code:
+ = @ticket.code
+- if @ticket.email
+ email:
+ = @ticket.email
+- if User.find(@ticket.created_by)
+ Created by
+ = User.find(@ticket.created_by).login
+- else
+ Unauthenticated ticket creator
+= render(:partial => "comment", :collection => @ticket.comments)
+
+= simple_form_for (@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test
+ = f.simple_fields_for :comments, TicketComment.new do |c|
+ = c.input :body, :label => 'Comment', :as => :text
+ = #render :partial => 'new_comment'
+ = f.button :submit
+ = link_to t(:cancel), tickets_path, :class => :btn \ No newline at end of file
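Review bot: `simple_form_for (@ticket, :html => {:novalidate => true}) do |f|` has a space before the parenthesis, so Ruby parses `(@ticket, :html => ...)` as a grouped expression rather than an argument list; Ruby 1.9 rejects that with a syntax error and 1.8 warns, so this template is unlikely to render on the 1.9 platform the Gemfile now targets. Drop the space to match new.html.haml: `= simple_form_for(@ticket, :html => {:novalidate => true}) do |f|`. This page also prints `@ticket.code` and `@ticket.email` to whoever requests the id; since the code is intended to be the unauthenticated creator's secret, consider not rendering it until `show` is restricted in the controller.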
diff --git a/help/config/routes.rb b/help/config/routes.rb
index 1daf9a4..5e57e02 100644
--- a/help/config/routes.rb
+++ b/help/config/routes.rb
@@ -1,2 +1,5 @@
Rails.application.routes.draw do
+
+ resources :tickets, :only => [:new, :create, :index, :show, :update]
+ #resources :ticket, :only => [:show]
end
diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb
new file mode 100644
index 0000000..7a03a86
--- /dev/null
+++ b/help/test/functional/tickets_controller_test.rb
@@ -0,0 +1,63 @@
+require 'test_helper'
+
+class TicketsControllerTest < ActionController::TestCase
+
+ test "should get index" do
+ get :index
+ assert_response :success
+ assert_not_nil assigns(:tickets)
+ end
+
+ test "should get new" do
+ get :new
+ assert_equal Ticket, assigns(:ticket).class
+ assert_response :success
+ end
+
+
+ test "should create unauthenticated ticket" do
+ params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}}
+
+ assert_difference('Ticket.count') do
+ post :create, :ticket => params
+ end
+
+ assert_response :redirect
+ #assert_equal assigns(:ticket).email, User.current.email
+ #assert_equal User.find(assigns(:ticket).created_by).login, User.current.login
+ assert_nil assigns(:ticket).created_by
+
+ assert_equal assigns(:ticket).comments.count, 1
+ end
+
+
+ test "should create authenticated ticket" do
+
+ params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}}
+
+ #todo: should redo this and actually authorize
+ user = User.last
+ session[:user_id] = user.id
+
+ assert_difference('Ticket.count') do
+ post :create, :ticket => params
+ end
+
+ assert_response :redirect
+ assert_equal assigns(:ticket).created_by, user.id
+ assert_equal assigns(:ticket).email, user.email
+
+ assert_equal assigns(:ticket).comments.count, 1
+ end
+
+ test "add comment to ticket" do
+
+ t = Ticket.last
+ comment_count = t.comments.count
+ put :update, :id => t.id, :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} }
+ assert_equal(comment_count + 1, assigns(:ticket).comments.count)
+ #assert_difference block isn't working
+
+ end
+
+end
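Review bot: `User.last` and `Ticket.last` in the last two tests assume the test database already holds a user and a ticket, so the suite is order- and fixture-dependent and fails on a clean database. `stub_logged_in` from users/test/support/auth_test_helper.rb is loaded for every engine by this commit's change to test/test_helper.rb and returns the stubbed user, so the authenticated test could use it instead of setting `session[:user_id]` by hand, provided warden's session deserialization goes through `User.find` as that helper assumes; the comment test could create its own ticket first. `assigns(:ticket).comments.count` in the create tests passes whether or not the comment was persisted; `Ticket.find(assigns(:ticket).id).comments.count` would check what was actually saved.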
diff --git a/help/test/unit/ticket_comment_test.rb b/help/test/unit/ticket_comment_test.rb
index 883720f..1fe1fe2 100644
--- a/help/test/unit/ticket_comment_test.rb
+++ b/help/test/unit/ticket_comment_test.rb
@@ -16,8 +16,8 @@ class TicketCommentTest < ActiveSupport::TestCase
comment2 = TicketComment.new :body => "help my email is broken!"
assert comment2.valid?
- assert_not_nil comment2.posted_at
- assert_nil comment2.posted_by #if not logged in
+ #assert_not_nil comment2.posted_at #?
+ #assert_nil comment2.posted_by #if not logged in #TODO
#comment.ticket = testticket #Ticket.find_by_title("testing")
#assert_equal testticket.title, comment.ticket.title
@@ -49,9 +49,10 @@ class TicketCommentTest < ActiveSupport::TestCase
testticket.comments << comment2 #this should validate comment2
testticket.valid?
assert_equal testticket.comments.count, 2
- assert_not_nil comment.posted_at
- assert_not_nil testticket.comments.last.posted_at
- assert testticket.comments.first.posted_at < testticket.comments.last.posted_at
+ # where should posted_at be set?
+ #assert_not_nil comment.posted_at
+ #assert_not_nil testticket.comments.last.posted_at
+ #assert testticket.comments.first.posted_at < testticket.comments.last.posted_at
end
end
diff --git a/help/test/unit/ticket_test.rb b/help/test/unit/ticket_test.rb
index c3a4759..6b63a23 100644
--- a/help/test/unit/ticket_test.rb
+++ b/help/test/unit/ticket_test.rb
@@ -41,18 +41,20 @@ class TicketTest < ActiveSupport::TestCase
assert @sample.is_creator_validated?
end
+=begin
+# TODO: do once have current_user stuff in order
test "code if & only if not creator-validated" do
+ User.current_test = nil
t1 = Ticket.create :title => 'test title'
assert_not_nil t1.code
assert_nil t1.created_by
- User.current = 4
+ User.current_test = 4
t2 = Ticket.create :title => 'test title'
assert_nil t2.code
assert_not_nil t2.created_by
-
-
end
+=end
end
diff --git a/test/dummy/app/controllers/application_controller.rb b/test/dummy/app/controllers/application_controller.rb
index e8065d9..be7aa1f 100644
--- a/test/dummy/app/controllers/application_controller.rb
+++ b/test/dummy/app/controllers/application_controller.rb
@@ -1,3 +1,5 @@
class ApplicationController < ActionController::Base
protect_from_forgery
+
+ ActiveSupport.run_load_hooks(:application_controller, self)
end
diff --git a/test/test_helper.rb b/test/test_helper.rb
index f7d48ec..50d5159 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -4,6 +4,9 @@ require 'rails/test_help'
require 'mocha'
+# Load support files from all engines
+Dir["#{File.dirname(__FILE__)}/../*/test/support/**/*.rb"].each { |f| require f }
+
class ActiveSupport::TestCase
# Add more helper methods to be used by all tests here...
end
diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb
deleted file mode 100644
index 8388dda..0000000
--- a/users/app/controllers/application_controller.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-class ApplicationController < ActionController::Base
- protect_from_forgery
-
- private
-
- def current_user
- @current_user ||= env['warden'].user
- end
- helper_method :current_user
-
- def authorize
- redirect_to login_url, alert: "Not authorized" if current_user.nil?
- end
-end
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
new file mode 100644
index 0000000..50cf0d1
--- /dev/null
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -0,0 +1,34 @@
+module ControllerExtension::Authentication
+ extend ActiveSupport::Concern
+
+ private
+
+ included do
+ helper_method :current_user, :logged_in?, :admin?
+ end
+
+ def current_user
+ @current_user ||= env['warden'].user
+ end
+
+ def logged_in?
+ !!current_user
+ end
+
+ def authorize
+ access_denied unless logged_in?
+ end
+
+ def access_denied
+ redirect_to login_url, :alert => "Not authorized"
+ end
+
+ def admin?
+ current_user && current_user.is_admin?
+ end
+
+ def authorize_admin
+ access_denied unless admin?
+ end
+
+end
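Review bot: `private` on the line before `included do` reads as if the hook were private, but `included` is a class-level macro unaffected by it; moving `private` below the `included` block keeps the visibility marker next to the methods it actually governs. `admin?` returns nil rather than false when nobody is logged in because of the bare `&&`; `logged_in? && current_user.is_admin?` yields a strict boolean and reuses the helper defined just above. A short module comment, `# Authentication helpers mixed into ApplicationController via the :application_controller load hook; current_user is resolved through warden`, would explain where these methods come from to readers of the base app.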
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 737e083..0f5d650 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -66,11 +66,9 @@ class User < CouchRest::Model::Base
login
end
- def self.current
- Thread.current[:user]
- end
- def self.current=(user)
- Thread.current[:user] = user
+ # Since we are storing admins by login, we cannot allow admins to change their login.
+ def is_admin?
+ APP_CONFIG['admins'].include? self.login
end
end
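Review bot: `APP_CONFIG['admins']` raises NoMethodError when the `admins` key is absent from the environment's section of config.yml, turning every `is_admin?` call into a server error instead of a denial; `Array(APP_CONFIG['admins']).include?(login)` fails closed. The new comment states admins cannot change their login, but nothing in this hunk enforces it; if the restriction is not implemented elsewhere in `User`, a validation rejecting login changes after creation is needed, since the admin list is keyed on that value. The enclosing class continues outside the hunk.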
diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml
index a5397bd..204ba88 100644
--- a/users/app/views/sessions/_nav.html.haml
+++ b/users/app/views/sessions/_nav.html.haml
@@ -1,6 +1,9 @@
-- if current_user
+- if logged_in?
%li
+ = 'logged in as ' + current_user.login
= link_to t(:logout), logout_path
+ - if admin?
+ = 'ADMIN' # obviously not like this
- else
%li
= link_to t(:login), login_path
diff --git a/users/config/initializers/add_controller_methods.rb b/users/config/initializers/add_controller_methods.rb
new file mode 100644
index 0000000..2579176
--- /dev/null
+++ b/users/config/initializers/add_controller_methods.rb
@@ -0,0 +1,3 @@
+ActiveSupport.on_load(:application_controller) do
+ include ControllerExtension::Authentication
+end
diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec
index 053f8dc..0682a99 100644
--- a/users/leap_web_users.gemspec
+++ b/users/leap_web_users.gemspec
@@ -17,6 +17,6 @@ Gem::Specification.new do |s|
s.add_dependency "leap_web_core", LeapWeb::VERSION
- s.add_dependency "ruby-srp", "~> 0.1.3"
+ s.add_dependency "ruby-srp", "~> 0.1.4"
s.add_dependency "rails_warden"
end
diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
new file mode 100644
index 0000000..69bcb2f
--- /dev/null
+++ b/users/test/functional/application_controller_test.rb
@@ -0,0 +1,29 @@
+require 'test_helper'
+
+class ApplicationControllerTest < ActionController::TestCase
+
+ def setup
+ # so we can test the effect on the response
+ @controller.response = @response
+ end
+
+ def test_authorize_redirect
+ stub_logged_out
+ @controller.send(:authorize)
+ assert_access_denied
+ end
+
+ def test_authorized
+ @user = stub_logged_in
+ @controller.send(:authorize)
+ assert_access_denied(false)
+ end
+
+ def test_authorize_admin
+ @user = stub_logged_in
+ @user.expects(:is_admin?).returns(false)
+ @controller.send(:authorize_admin)
+ assert_access_denied
+ end
+
+end
diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb
new file mode 100644
index 0000000..c0eaf61
--- /dev/null
+++ b/users/test/functional/helper_methods_test.rb
@@ -0,0 +1,42 @@
+#
+# Testing and documenting the helper methods available from
+# ApplicationController
+#
+
+require 'test_helper'
+
+class HelperMethodsTest < ActionController::TestCase
+ tests ApplicationController
+
+ # we test them right in here...
+ include ApplicationController._helpers
+
+ # they all reference the controller.
+ def controller
+ @controller
+ end
+
+ def test_current_user_with_caching
+ @user = stub_logged_in
+ assert_equal @user, current_user
+ assert_equal @user, current_user # tests caching
+ end
+
+ def test_logged_in
+ @user = stub_logged_in
+ assert logged_in?
+ end
+
+ def test_logged_out
+ stub_logged_out
+ assert !logged_in?
+ end
+
+ def test_admin
+ bool = stub
+ @user = stub_logged_in
+ @user.expects(:is_admin?).returns(bool)
+ assert_equal bool, admin?
+ end
+
+end
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index 66de1e5..5800d46 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -39,7 +39,7 @@ class AccountFlowTest < ActionDispatch::IntegrationTest
end
test "signup response" do
- assert_json_response @user_params.slice(:login, :password_salt)
+ assert_json_response :login => @login, :ok => true
assert_response :success
end
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
new file mode 100644
index 0000000..9412058
--- /dev/null
+++ b/users/test/support/auth_test_helper.rb
@@ -0,0 +1,29 @@
+module AuthTestHelper
+
+ def stub_logged_in
+ @user_id = stub
+ @user = stub
+ session[:user_id] = @user_id
+ User.expects(:find).once.with(@user_id).returns(@user)
+ return @user
+ end
+
+ def stub_logged_out
+ @user_id = stub
+ session[:user_id] = @user_id
+ User.expects(:find).once.with(@user_id).returns(nil)
+ end
+
+ def assert_access_denied(denied = true)
+ if denied
+ assert_equal({:alert => "Not authorized"}, flash.to_hash)
+ assert_redirected_to login_path
+ else
+ assert flash[:alert].blank?
+ end
+ end
+end
+
+class ActionController::TestCase
+ include AuthTestHelper
+end
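Review bot: `stub_logged_in` and `stub_logged_out` drive authentication by setting `session[:user_id]` and expecting `User.find`, while the controller's `current_user` in users/app/controllers/controller_extension/authentication.rb reads `env['warden'].user`; the helper therefore only works if warden's session deserializer maps `session[:user_id]` through `User.find`, which is not visible here and deserves a comment such as `# relies on warden deserializing session[:user_id] via User.find; see config/initializers for the serializer`. `assert_access_denied(false)` with a boolean positional reads poorly at its call site in application_controller_test.rb; a named pair such as `assert_access_denied` and `assert_access_granted` would make the intent clear. The explicit `return @user` at the end of `stub_logged_in` is redundant in Ruby and can be `@user`.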
diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb
index 08d4d41..e8f0125 100644
--- a/users/test/test_helper.rb
+++ b/users/test/test_helper.rb
@@ -7,4 +7,3 @@ Rails.backtrace_cleaner.remove_silencers!
# Load support files
Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
-
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index 822ef33..f057ca7 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -19,7 +19,7 @@ class UserTest < ActiveSupport::TestCase
end
test "test require alphanumerical for login" do
- @user.login = "qwär"
+ @user.login = "qw#r"
assert !@user.valid?
end