Module: ShopliftClient
- Extended by:
- ActiveSupport::Concern
- Includes:
- Shopapp3
- Included in:
- ApiController, AuthController, ShopappLoginController, UserAuthenticatedController, UserAuthenticatedOrApiController
- Defined in:
- app/controllers/concerns/shoplift_client.rb
Instance Method Summary
- #authenticate_company!(soft = false) ⇒ Object
- #authenticate_user ⇒ Object
- #authenticate_user!(skip_landing_page = false) ⇒ Object
- #authenticate_user_or_api! ⇒ Object
- #client ⇒ Object
- #company_info(company_id = nil) ⇒ Object
- #company_logo_path_defined ⇒ Object
- #current_auditor ⇒ Object
- #current_company ⇒ Object
- #current_user ⇒ Object
- #current_user_json ⇒ Object
- #find_company_by_code(code, parameters = {}) ⇒ Object
- #get(url, params = {}) ⇒ Object
- #handle_not_authorized(message) ⇒ Object
- #hide_search_for_this_action ⇒ Object
- #home_link_path ⇒ Object
- #local_authlift_redirect_uri ⇒ Object
- #post(url, params) ⇒ Object
To create or update a model, params must have the form { model_name: { attr1: value1, attr2: value2 } }, and attr1 and attr2 must be in the list of allowed params the Rails way.
- #redirect_unauthorized(skip_landing_page = false) ⇒ Object
- #scope ⇒ Object
- #search_remote ⇒ Object
- #session_cookie ⇒ Object
- #session_cookie=(new_value) ⇒ Object
- #shoplift_login_url ⇒ Object
- #show_search_for_this_action(params = {}) ⇒ Object
- #srv ⇒ Object
- #supported_locales_defined ⇒ Object
- #user_signed_in? ⇒ Boolean
Methods included from Shopapp3
Instance Method Details
#authenticate_company!(soft = false) ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 218 def authenticate_company!(soft = false) return true if authenticate_user @api_key = if params['key'].present? params['key'].match(/[0-9a-f]+/).to_s elsif request.headers['AUTHORIZATION'].present? && !request.headers['AUTHORIZATION'].include?('Basic') request.headers['AUTHORIZATION'].gsub(/^Bearer ?/, '') else Rails.configuration.settings['authlift_default_app_key'] end if @api_key.blank? return false if soft 'Authentication token missing' end response = srv.post 'auth/api_key', body: { api_key: api_key, requested_action: "#{self.controller_name}##{self.action_name}" } if response.blank? return false if soft 'Request not authorized' end @authentication = JSON.parse response.body find_company_by_code authentication['company'] true end |
#authenticate_user ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 168 def authenticate_user if .present? @token = OAuth2::AccessToken.new client, , scope: scope begin x = srv.get '/api/users/profile' @current_user_json_hash = @current_user = JSON.parse x.response.body unless @current_user['scopes'].is_a? String user_scopes = @current_user['scopes'] else user_scopes = JSON.parse @current_user['scopes'] end unless user_scopes.include? 'admin' (self.class.required_scopes || []).each do |required_scope| unless user_scopes.include? required_scope render(file: 'shopapp/403.html', status: 403, layout: false, locals: { missing_scope: required_scope }) return false end end end find_company_by_code current_user['company']['code'], name: current_user['company']['name'], logo_code: current_user['company']['logo_code'] rescue OAuth2::Error return false end else return false end true end |
#authenticate_user!(skip_landing_page = false) ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 200 def authenticate_user!(skip_landing_page = false) (skip_landing_page) unless authenticate_user end |
#authenticate_user_or_api! ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 204 def authenticate_user_or_api! unless authenticate_company!(true) end end |
#client ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 301
#
# Memoised OAuth2 client for the auth service, built from the
# authlift_app_id, authlift_app_secret and authlift_url settings.
def client
  @oauth ||= begin
    settings = Rails.configuration.settings
    OAuth2::Client.new(
      settings['authlift_app_id'],
      settings['authlift_app_secret'],
      site: settings['authlift_url']
    )
  end
end
#company_info(company_id = nil) ⇒ Object
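# File 'app/controllers/concerns/shoplift_client.rb', line 54
#
# Fetches company info from '/api/users/company_info[/company_id]', caches it
# per company_id, and mirrors every listed client and supplier into a local
# Company row (found or created by code).
#
# company_id - optional id appended to the request path; nil asks for the
#              default.
#
# Returns the parsed response, with each partner hash extended by a :company
# entry holding the saved Company.
def company_info(company_id = nil)
  @company_info ||= {}
  return @company_info[company_id] if @company_info[company_id].present?

  # NOTE(review): company_id is joined into the request path as-is; confirm
  # that callers never pass unvalidated request input here.
  @company_info[company_id] = JSON.parse srv.get(['/api/users/company_info', company_id].compact.join '/').body
  %w[clients suppliers].each do |partner_type|
    @company_info[company_id][partner_type].each do |partner|
      # Rows are created from whatever codes the remote response contains.
      company = Company.find_or_create_by! code: partner['code']
      partner[:company] = company
      company.name = partner['name']
      company.info ||= {}
      # Some rows hold the info hash serialised as a String. Parse it, and fall
      # back to an empty hash when it is not a JSON object: the previous empty
      # `rescue` left the String in place, and the assignment below then
      # raised on it.
      if company.info.is_a? String
        parsed = begin
          JSON.parse(company.info)
        rescue JSON::ParserError
          nil
        end
        company.info = parsed.is_a?(Hash) ? parsed : {}
      end
      company.info['company_info'] = partner['info']
      company.save!
    end
  end
  @company_info[company_id]
end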
#company_logo_path_defined ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 307
#
# Logo location for the current company: the including class's
# company_logo_path when it defines one, otherwise the media-server URL built
# from the logo_code in the cached user profile.
def company_logo_path_defined
  return company_logo_path if defined?(self.company_logo_path)

  # logo_code comes from the profile JSON and is interpolated unescaped.
  logo_code = @current_user_json_hash['company']['logo_code']
  "https://media.shoplift.fi/company_logos/#{logo_code}_company_logo_24.png"
end
#current_auditor ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 254
#
# E-mail address of the current user, or nil when there is no user (to_h
# turns nil into an empty hash).
def current_auditor
  profile = current_user.to_h
  profile['email']
end
#current_company ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 264 def current_company end |
#current_user ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 258 def current_user return @current_user if @current_user.present? @current_user end |
#current_user_json ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 250
#
# The current user's profile serialised as JSON. The whole profile hash is
# serialised, so every field the auth service returned is included.
def current_user_json
  profile = current_user
  profile.to_json
end
#find_company_by_code(code, parameters = {}) ⇒ Object
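# File 'app/controllers/concerns/shoplift_client.rb', line 140
#
# Resolves the current company by code, creating the row when it does not
# exist yet, and memoises it in @current_company. Because of the memoisation,
# a later call with a different code within the same controller instance does
# not change the company.
#
# code       - company code to look up.
# parameters - attributes for a newly created company (:name is used for the
#              name, the whole hash is stored in info). May be empty only
#              when the company already exists.
#
# Raises RuntimeError when the company is unknown and parameters is empty, or
# when the companies table does not exist. Any other
# ActiveRecord::StatementInvalid is re-raised; it used to be swallowed, which
# left the caller to carry on without a company.
def find_company_by_code(code, parameters = {})
  @current_company ||= Company.find_or_create_by! code: code do |new_company|
    # An unknown code with nothing to build the record from is refused.
    fail if parameters.empty?
    new_company.name = parameters[:name]
    # following is an ugly yet backwards compatible and safe way to store
    # the company info if and in the best way possible, until all the apps
    # are updated to have json there.
    case new_company.column_for_attribute('info').type
    when :json
      new_company.info = parameters
    when :string
      new_company.info = parameters.to_json
    end
  end
rescue ActiveRecord::StatementInvalid => e
  raise unless e.cause.is_a? PG::UndefinedTable

  fail <<-ERROR.strip_heredoc
    You have not defined a company, and that is compulsory even if you are
    not planning to add any additional fields. You do not need to seed it, so
    following is enough forever:
    rails g model company code:string name:string info:json; rake db:migrate
  ERROR
end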
#get(url, params = {}) ⇒ Object
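# File 'app/controllers/concerns/shoplift_client.rb', line 285
#
# Sends a GET request to the auth service through the current token (srv) and
# returns the parsed JSON body.
#
# url    - path on the auth service.
# params - hash sent as the request body.
#
# Raises RuntimeError for any failure; the message names the target URL. The
# messages used to say "post", copied from #post.
def get(url, params = {})
  # NOTE(review): the full params are written to stdout; confirm they never
  # carry credentials or personal data, or log only the keys.
  puts 'co_cli: get'
  puts "url: #{url}"
  puts "params: #{params}"
  response = srv.request(:get, url, body: params)
  JSON.parse(response.body)
rescue OAuth2::Error
  raise "Server fault, could not perform get to #{srv.client.site}#{url}"
rescue
  # Everything else, including a body that is not valid JSON, ends up here.
  raise "Unknown error, could not perform get to #{srv.client.site}#{url}"
end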
#handle_not_authorized(message) ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 210 def () if request.format.html? else fail ActionController::RoutingError, end end |
#hide_search_for_this_action ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 80
#
# Sets the flag that hides the search box for the current action.
# Returns true.
def hide_search_for_this_action
  hidden = true
  @do_hide_search_for_this_action = hidden
end
#home_link_path ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 323
#
# Target of the "home" link; delegates to the root_path helper.
def home_link_path
  root_path
end
#local_authlift_redirect_uri ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 103
#
# OAuth redirect URI for this application: the including class's
# app_authlift_redirect_uri when it responds to one, otherwise the
# authlift_redirect_uri setting.
def local_authlift_redirect_uri
  return app_authlift_redirect_uri if respond_to? :app_authlift_redirect_uri

  Rails.configuration.settings['authlift_redirect_uri']
end
#post(url, params) ⇒ Object
To create or update a model, params must have the form { model_name: { attr1: value1, attr2: value2 } }, and attr1 and attr2 must be in the list of allowed params the Rails way.
# File 'app/controllers/concerns/shoplift_client.rb', line 273
#
# Sends a POST request to the auth service through the current token (srv) and
# returns the parsed JSON body.
#
# url    - path on the auth service.
# params - hash sent as the request body.
#
# Raises RuntimeError for any failure; the message names the target URL.
def post(url, params)
  # NOTE(review): the full params are written to stdout; confirm they never
  # carry credentials or personal data.
  puts 'co_cli: post', "url: #{url}", "params: #{params}"
  reply = srv.request(:post, url, body: params)
  JSON.parse(reply.body)
rescue OAuth2::Error
  raise "Server fault, could not perform post to #{srv.client.site}#{url}"
rescue
  raise "Unknown error, could not perform post to #{srv.client.site}#{url}"
end
#redirect_unauthorized(skip_landing_page = false) ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 124 def (skip_landing_page = false) return if performed? session.clear session[:previous_url] = request.fullpath if Rails.configuration.settings['use_welcome_screen'].present? && !skip_landing_page redirect_to else redirect_to shoplift_login_url end end |
#scope ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 136
#
# Space-separated OAuth scope string: the authlift_default_scope setting, when
# set, followed by 'public'.
def scope
  default_scope = Rails.configuration.settings['authlift_default_scope']
  [default_scope, 'public'].compact.join(' ')
end
#search_remote ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 84
#
# The search_remote option stored by show_search_for_this_action, or false
# when none has been stored.
def search_remote
  @search_remote ? @search_remote : false
end
#session_cookie ⇒ Object
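# File 'app/controllers/concerns/shoplift_client.rb', line 95
#
# Reads the value stored in the Rails session under "authlift_session_id".
# The method name was missing from the listing's `def` line and is restored
# from the page heading (#session_cookie).
#
# NOTE(review): where this value physically lives depends on the configured
# session store; with a cookie-based store it travels in the client's session
# cookie.
def session_cookie
  session["authlift_session_id"]
end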
#session_cookie=(new_value) ⇒ Object
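# File 'app/controllers/concerns/shoplift_client.rb', line 99
#
# Stores new_value in the Rails session under "authlift_session_id".
# The method name was missing from the listing's `def` line and is restored
# from the page heading (#session_cookie=).
def session_cookie=(new_value)
  session["authlift_session_id"] = new_value
end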
#shoplift_login_url ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 111 def shoplift_login_url redirect_parameters = { redirect_uri: local_authlift_redirect_uri, scope: scope } if [:set_i18n_pub] redirect_parameters[:set_i18n_pub] = [:set_i18n_pub] end client.auth_code.(redirect_parameters) end |
#show_search_for_this_action(params = {}) ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 88
#
# Shows the search box for the current action and stores the options that are
# present in params.
#
# params - hash with optional :placeholder, :search_path and :search_remote.
#          Blank values leave the corresponding instance variable untouched.
def show_search_for_this_action(params = {})
  @do_hide_search_for_this_action = false

  placeholder = params[:placeholder]
  @search_placeholder = placeholder if placeholder.present?

  path = params[:search_path]
  @search_path = path if path.present?

  remote = params[:search_remote]
  @search_remote = remote if remote.present?
end
#srv ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 297
#
# The token used for calls to the auth service. When @token is unset, a
# client-credentials token is requested for the configured scope and kept.
#
# authenticate_user assigns @token too, so after that assignment this method
# returns that token instead of an app token. The listed code does not clear
# @token when the profile request fails, so later calls in the same controller
# instance keep using it.
def srv
  return @token if @token

  @token = client.client_credentials.get_token(scope: scope)
end
#supported_locales_defined ⇒ Object
# File 'app/controllers/concerns/shoplift_client.rb', line 315
#
# Locales supported by the including class: its supported_locales when it
# defines one, otherwise an empty array.
def supported_locales_defined
  return supported_locales if defined?(self.supported_locales)

  []
end
#user_signed_in? ⇒ Boolean
# File 'app/controllers/concerns/shoplift_client.rb', line 267
#
# True when current_user is not nil. This reflects only whether a profile has
# been stored, not whether the scope check in authenticate_user passed.
def user_signed_in?
  missing = current_user.nil?
  !missing
end