Module: ZuoraConnect::Controllers::Helpers

Extended by:
ActiveSupport::Concern
Defined in:
lib/zuora_connect/controllers/helpers.rb

Instance Method Summary collapse

Instance Method Details

#authenticate_app_api_requestObject



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# File 'lib/zuora_connect/controllers/helpers.rb', line 7

def authenticate_app_api_request
  ZuoraConnect::AppInstance.read_master_db do
    #Skip session for api requests
    request.session_options[:skip] = true

    Thread.current[:appinstance] = nil
    if ZuoraConnect.logger.is_a?(Ougai::Logger); ZuoraConnect.logger.with_fields = {}; end
    if Rails.logger.is_a?(Ougai::Logger); Rails.logger.with_fields = {}; end
    if defined?(ElasticAPM) && ElasticAPM.running?
      if ElasticAPM.respond_to?(:set_label)
        ElasticAPM.set_label(:trace_id, request.uuid) if defined?(ElasticAPM) && ElasticAPM.running?
      else
        ElasticAPM.set_label(:trace_id, request.uuid) if defined?(ElasticAPM) && ElasticAPM.running?
      end
    end

    ZuoraConnect::ZuoraUser.current_user_id = request.headers["Zuora-User-Id"]

    if request.headers["API-Token"].present?
      @appinstance = ZuoraConnect::AppInstance.find_by(:api_token => request.headers["API-Token"])
      ZuoraConnect.logger.debug("API REQUEST - API token") if @appinstance.present?
      check_instance
    elsif ZuoraConnect::AppInstance::INTERNAL_HOSTS.include?(request.headers.fetch("HOST", nil)) && request.headers['zuora-host'].present?
      zuora_host, zuora_entity_id, zuora_instance_id = [request.headers['zuora-host'], (request.headers['zuora-entity-ids'] || "").gsub('-',''), request.headers['zuora-instance-id']]
      zuora_host_mapping = {'origin-gateway.sbx.auw2.zuora.com' => 'rest.apisandbox.zuora.com',  'origin-gateway.prod.auw2.zuora.com' => 'rest.zuora.com'}
      zuora_host = zuora_host_mapping[zuora_host] if zuora_host_mapping.keys.include?(zuora_host)

      #Validate entity-ids present
      if zuora_entity_id.blank?
        render json: {"status": 401, "message": "zuora-entity-ids header was not supplied."}, status: :unauthorized
        return
      end
      #Select with instance id if present. Used where mulitple deployments are done.
      if zuora_instance_id.present?
        appinstances = ZuoraConnect::AppInstance.where("zuora_entity_ids ?& array[:entities] = true AND zuora_domain = :host AND id = :id", entities: [zuora_entity_id], host: zuora_host, id: zuora_instance_id.to_i)
      else
        appinstances = ZuoraConnect::AppInstance.where("zuora_entity_ids ?& array[:entities] = true AND zuora_domain = :host", entities: [zuora_entity_id], host: zuora_host)
      end

      if appinstances.size == 0
        render json: {"status": 404, "message": "Missing mapping or no deployment for '#{zuora_host}-#{zuora_entity_id}' ."}, status: 404
        return
      elsif appinstances.size > 1
        render json: {"status": 401, "message": "More than one app instance binded to host and entity ids. Please indicate correct instance via 'zuora-instance-id' header", "instances": appinstances.map {|instance| instance.id }.sort }, status: :unauthorized
        return
      else
        @appinstance = appinstances.first
        check_instance
      end

    elsif request.headers.fetch("Authorization", "").include?("Basic ")
      authenticate_or_request_with_http_basic do |username, password|
        @appinstance = ZuoraConnect::AppInstance.find_by(:token => password)
        @appinstance ||= ZuoraConnect::AppInstance.find_by(:api_token => password)
        ZuoraConnect.logger.debug("API REQUEST - Basic Auth") if @appinstance.present?
        check_instance
      end
    else
      check_instance
    end

    @zuora_user = ZuoraConnect::ZuoraUser.find_by(zuora_user_id: ZuoraConnect::ZuoraUser.current_user_id)
    zuora_org_ids = request.headers["Zuora-Org-Ids"]
    ZuoraConnect::ZuoraUser.current_org_ids = []
    ZuoraConnect::ZuoraUser.current_org_ids = zuora_org_ids.split(',') if zuora_org_ids

  end
rescue ZuoraConnect::Exceptions::ConnectCommunicationError => ex
  render json: {"status": 400, "message": ex.message}, status: 400
  return 
rescue ZuoraAPI::Exceptions::ZuoraAPIInternalServerError => ex
  render json: {"status": 500, "message": ex.message}, status: 500
  return               
end

#authenticate_connect_app_requestObject



99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
# File 'lib/zuora_connect/controllers/helpers.rb', line 99

def authenticate_connect_app_request
  ZuoraConnect::AppInstance.read_master_db do
    Thread.current[:appinstance] = nil
    if ZuoraConnect.logger.is_a?(Ougai::Logger); ZuoraConnect.logger.with_fields = {}; end
    if Rails.logger.is_a?(Ougai::Logger); Rails.logger.with_fields = {}; end
    if defined?(ElasticAPM) && ElasticAPM.running?
      if ElasticAPM.respond_to?(:set_label)
        ElasticAPM.set_label(:trace_id, request.uuid)
      else
        ElasticAPM.set_label(:trace_id, request.uuid)
      end
    end

    if ZuoraConnect.configuration.mode == "Production"
      setup_instance_via_prod_mode
    else
      setup_instance_via_dev_mode
    end

    return if performed?

    if !defined?(@appinstance) || @appinstance.blank?
      render "zuora_connect/static/error_handled", :locals => {
        :title => "Application state could not be found.",
        :message => "Please relaunch application."
      }, :layout => false
      return
    end
    #Call .data_lookup with the current session to retrieve session. In some cases session may be stored/cache in redis
    #so data lookup provides a model method that can be overriden per app.
    if params[:controller] != 'zuora_connect/api/v1/app_instance' && params[:action] != 'drop'
      if @appinstance.new_session_for_ui_requests(:params => params)
        @appinstance.new_session(:session => @appinstance.data_lookup(:session => session))
      end
    end

    if session["#{@appinstance.id}::user::email"].present?
      ElasticAPM.set_user(session["#{@appinstance.id}::user::email"])  if defined?(ElasticAPM) && ElasticAPM.running?
      PaperTrail.whodunnit =  session["#{@appinstance.id}::user::email"] if defined?(PaperTrail)
    end

    locale = (session["#{@appinstance.id}::user::locale"] || "").gsub("_", "-")
    begin
      I18n.locale = locale.present? ? locale : @appinstance.locale
    rescue I18n::InvalidLocale => ex
      if locale.include?("-")
        locale = locale.split("-").first
        retry
      elsif locale != session["#{@appinstance.id}::user::language"]
        locale = session["#{@appinstance.id}::user::language"]
        retry
      end
      ZuoraConnect.logger.error(ex) if !ZuoraConnect::AppInstance::IGNORED_LOCALS.include?(ex.locale.to_s.downcase)
    end
    if @appinstance.user_timezone.blank?
      @appinstance.set_timezone(timezone: session["#{@appinstance.id}::user::timezone"], type: :default)
    end
  end
rescue ZuoraConnect::Exceptions::InvalidCredentialSet => ex
  id = @appinstance.id
  ZuoraConnect::AppInstance.destroy(id)
  Apartment::Tenant.drop(id)
  render "zuora_connect/static/error_handled", :locals => {
    :title => "Application Setup Error",
    :message => "Application cannot be run using Zuora Session. Delete old application \
    deployment and create new with Zuora Basic or OAuth credentials."
  }, :layout => false
  return
rescue ZuoraConnect::Exceptions::AccessDenied => ex
  respond_to do |format|
    format.html {
      render "zuora_connect/static/error_handled", :locals => {
          :title => "Application State Error",
          :message => ex.message
        }, status: 401, layout: false
    }
    format.js {
      render "zuora_connect/static/error_handled", :locals => {
          :title => "Application State Error",
          :message => ex.message
        }, status: 401, layout: false
    }
    format.json { render json: {'errors' => ex.message}, status: 401 }
    format.all { render json: ex.message, status: 401 }
  end
  return
rescue => ex
  ZuoraConnect.logger.error("UI Authorization Error", ex)
  respond_to do |format|
    format.html { render 'zuora_connect/static/error_unhandled', :locals => {:exception => ex, :skip_exception => true}, status: 500, layout: false }
    format.js { render 'zuora_connect/static/error_unhandled', :locals => {:exception => ex, :skip_exception => true}, status: 500, layout: false}
  end
  return
end

#check_connect_adminObject



228
229
230
# File 'lib/zuora_connect/controllers/helpers.rb', line 228

def check_connect_admin
  return session["#{@appinstance.id}::admin"]
end

#check_connect_admin!(raise_error: false) ⇒ Object



204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
# File 'lib/zuora_connect/controllers/helpers.rb', line 204

def check_connect_admin!(raise_error: false)
  if !(session["#{@appinstance.id}::admin"] || @appinstance.zuora_tenant_ids.include?("9"))
    raise ZuoraConnect::Exceptions::AccessDenied.new("User is not an authorized admin for this application") if raise_error

    respond_to do |format|
      format.html {
        render "zuora_connect/static/error_handled", :locals => {
            :title => "Unauthorized",
            :message => "User is not an authorized admin for this application"
          }, status: 401, :layout => false
      }
      format.js {
        render "zuora_connect/static/error_handled", :locals => {
            :title => "Unauthorized",
            :message => "User is not an authorized admin for this application"
          }, status: 401, :layout => false
      }
      format.json { render json: {'errors' => ex.message}, status: 401 }
      format.all { render json: ex.message, status: 401 }
    end
    return
  end
end

#check_instanceObject

API ONLY



83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# File 'lib/zuora_connect/controllers/helpers.rb', line 83

def check_instance
  if defined?(@appinstance) && @appinstance.present?
    if @appinstance.new_session_for_api_requests(:params => params)
      @appinstance.new_session(:session => @appinstance.data_lookup(:session => session))
    end
    Thread.current[:appinstance] = @appinstance
    PaperTrail.whodunnit = "API User" if defined?(PaperTrail)
    ElasticAPM.set_user("API User")  if defined?(ElasticAPM) && ElasticAPM.running?
    return true
  else
    response.set_header('WWW-Authenticate', "Basic realm=\"Application\"")
    render json: {"status": 401, "message": "Access Denied"}, status: :unauthorized
    return false
  end
end

#create_new_instanceObject



239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
# File 'lib/zuora_connect/controllers/helpers.rb', line 239

def create_new_instance
  ZuoraConnect::AppInstance.read_master_db do
    Thread.current[:appinstance] = nil
    ZuoraConnect.logger.with_fields = {} if ZuoraConnect.logger.is_a?(Ougai::Logger)
    Rails.logger.with_fields = {} if Rails.logger.is_a?(Ougai::Logger)

    if defined?(ElasticAPM) && ElasticAPM.running? && ElasticAPM.respond_to?(:set_label)
      ElasticAPM.set_label(:trace_id, request.uuid)
    end

    zuora_host = request.headers['zuora-host']
    zuora_entity_id = (request.headers['zuora-entity-ids'] || '').gsub(
      '-',
      ''
    ).split(',').first

    # Validate host present
    if zuora_host.blank?
      render json: {
        status: 401,
        message: 'zuora-host header was not supplied.'
      }, status: :unauthorized
      return
    end

    # Validate entity-ids present
    if zuora_entity_id.blank?
      render json: {
        status: 401,
        message: 'zuora-entity-ids header was not supplied.'
      }, status: :unauthorized
      return
    end

    rest_domain = ZuoraAPI::Login.new(url: "https://#{zuora_host}").rest_domain
    app_instance_id = ZuoraConnect::AppInstance.where(
      'zuora_entity_ids ?& array[:entities] AND zuora_domain = :host',
      entities: [zuora_entity_id],
      host: rest_domain
    ).pluck(:id).first

    if app_instance_id.present?
      render json: {
        status: 409,
        message: 'Instance already exists.',
        app_instance_id: app_instance_id
      }, status: 409
    else
      Apartment::Tenant.switch!("public")
      retry_count = 3
      begin
        @appinstance = new_instance(
          next_instance_id,
          zuora_entity_id,
          rest_domain,
          tenant_id: request.headers['zuora-tenant-id'],
          retry_count: retry_count
        )
      rescue ActiveRecord::RecordNotUnique
        retry if (retry_count -= 1).positive?
        return
      end

      app_instance_id = @appinstance.id
    end

    begin
      Apartment::Tenant.switch!('public')
      Apartment::Tenant.create(app_instance_id.to_s)
    rescue Apartment::TenantExists
      ZuoraConnect.logger.debug('Tenant Already Exists')
    end
  end
end

#hallway_integration?Boolean

Returns:

  • (Boolean)


236
237
238
# File 'lib/zuora_connect/controllers/helpers.rb', line 236

def hallway_integration?
  return (request.headers['ZuoraCurrentEntity'].present? || cookies['ZuoraCurrentEntity'].present?)
end

#persist_connect_app_sessionObject



194
195
196
197
198
199
200
201
202
# File 'lib/zuora_connect/controllers/helpers.rb', line 194

def persist_connect_app_session
  if @appinstance.present?
    if defined?(Redis.current)
      @appinstance.cache_app_instance
    else
      session.merge!(@appinstance.save_data)
    end
  end
end

#zuora_userObject



232
233
234
# File 'lib/zuora_connect/controllers/helpers.rb', line 232

def zuora_user
  return @zuora_user
end