Merge branch 'api' into production

Michel Felipe
2 parents fa6ea4bd 0ee6f0f6
Showing 4 changed files with 108 additions and 3 deletions Show diff stats
lib/noosfero/api/helpers.rb
lib/noosfero/api/session.rb
test/unit/api/helpers_test.rb
test/unit/api/session_test.rb
@@ -350,6 +350,7 @@
         begin
           body = https.request(request).body
         rescue Exception => e
+          logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] || 'production'}_api.log"))
           logger.error e
           return _("Google recaptcha error: #{e.message}")
         end
@@ -375,6 +376,7 @@
         begin
           body = https.request(request).body
         rescue Exception => e
+          logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] || 'production'}_api.log"))
           logger.error e
           return _("Google recaptcha error: #{e.message}")
         end
@@ -393,6 +395,7 @@
         begin
           body = http.request(request).body
         rescue Exception => e
+          logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] || 'production'}_api.log"))
           logger.error e
           return _("Serpro captcha error: #{e.message}")
         end
@@ -40,8 +40,9 @@ module Noosfero
         attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
         remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
-        unless test_captcha(remote_ip, params, environment) == true
-          render_api_error!(_('Please solve the test in order to register.'), 401)
+        result = test_captcha(remote_ip, params, environment)
+        unless result == true
+          render_api_error!(result, 401)
           return
         end
@@ -54,6 +55,42 @@ module Noosfero
           render_api_error!(message, 400)
         end
       end
+
+      params do
+        requires :activation_code, type: String, desc: _("Activation token")
+      end
+
+      # Activate a user.
+      #
+      # Parameter:
+      #   activation_code (required)                  - Activation token
+      # Example Request:
+      #   PATCH /activate?activation_code=28259abd12cc6a64ef9399cf3286cb998b96aeaf
+      patch "/activate" do
+        user = User.find_by_activation_code(params[:activation_code])
+        if user
+          unless user.environment.enabled?('admin_must_approve_new_users')
+            if user.activate
+                user.generate_private_token!
+                present user, :with => Entities::UserLogin
+            end
+          else
+            if user.create_moderate_task
+              user.activation_code = nil
+              user.save!
+
+              # Waiting for admin moderate user registration
+              status 202
+              body({
+                :message => 'Waiting for admin moderate user registration'
+              })
+            end
+          end
+        else
+          # Token not found in database
+          render_api_error!(_('Token is invalid'), 412)
+        end
+      end
     end
   end
 end
@@ -236,7 +236,7 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
   end
-  should 'captcha serpro say Name or service not known' do
+  should 'captcha serpro say name or service not known' do
     environment = Environment.new
     environment.api_captcha_settings = {
         enabled: true,
@@ -40,4 +40,69 @@ class SessionTest &lt; ActiveSupport::TestCase
     json = JSON.parse(last_response.body)
   end
+  should 'detected error, Name or service not known, for Serpro Captcha communication' do
+    environment = Environment.default
+    environment.api_captcha_settings = {
+        enabled: true,
+        provider: 'serpro',
+        serpro_client_id:  '0000000000000000',
+        verify_uri:  'http://someserverthatdoesnotexist.mycompanythatdoesnotexist.com/validate',
+    }
+    environment.save!
+    params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com",
+              :txtToken_captcha_serpro_gov_br => '4324343', :captcha_text => '4030320'}
+    post "/api/v1/register?#{params.to_query}"
+    assert_equal "Serpro captcha error: getaddrinfo: Name or service not known", JSON.parse(last_response.body)["message"]
+  end
+
+  # TODO: Add another test cases to check register situations
+  should 'activate a user' do
+    params = {
+      :login => "newuserapi",
+      :password => "newuserapi",
+      :password_confirmation => "newuserapi",
+      :email => "newuserapi@email.com"
+    }
+    user = User.new(params)
+    user.save!
+
+    params = { activation_code: user.activation_code}
+    patch "/api/v1/activate?#{params.to_query}"
+    assert_equal 200, last_response.status
+  end
+
+  should 'do not activate a user if admin must approve him' do
+    params = {
+      :login => "newuserapi",
+      :password => "newuserapi",
+      :password_confirmation => "newuserapi",
+      :email => "newuserapi@email.com",
+      :environment => Environment.default
+    }
+    user = User.new(params)
+    user.environment.enable('admin_must_approve_new_users')
+    user.save!
+
+    params = { activation_code: user.activation_code}
+    patch "/api/v1/activate?#{params.to_query}"
+    assert_equal 202, last_response.status
+    assert_equal 'Waiting for admin moderate user registration', JSON.parse(last_response.body)["message"]
+  end
+
+  should 'do not activate a user if the token is invalid' do
+    params = {
+      :login => "newuserapi",
+      :password => "newuserapi",
+      :password_confirmation => "newuserapi",
+      :email => "newuserapi@email.com",
+      :environment => Environment.default
+    }
+    user = User.new(params)
+    user.save!
+
+    params = { activation_code: '70250abe20cc6a67ef9399cf3286cb998b96aeaf'}
+    patch "/api/v1/activate?#{params.to_query}"
+    assert_equal 412, last_response.status
+  end
+
 end
	@@ -40,8 +40,9 @@ module Noosfero		@@ -40,8 +40,9 @@ module Noosfero
40	attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields	40	attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
41	remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) \|\| (env && env['REMOTE_ADDR'])	41	remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) \|\| (env && env['REMOTE_ADDR'])
42		42
43	- unless test_captcha(remote_ip, params, environment) == true
44	- render_api_error!(_('Please solve the test in order to register.'), 401)	43	+ result = test_captcha(remote_ip, params, environment)
		44	+ unless result == true
		45	+ render_api_error!(result, 401)
45	return	46	return
46	end	47	end
47		48
	@@ -54,6 +55,42 @@ module Noosfero		@@ -54,6 +55,42 @@ module Noosfero
54	render_api_error!(message, 400)	55	render_api_error!(message, 400)
55	end	56	end
56	end	57	end
		58	+
		59	+ params do
		60	+ requires :activation_code, type: String, desc: _("Activation token")
		61	+ end
		62	+
		63	+ # Activate a user.
		64	+ #
		65	+ # Parameter:
		66	+ # activation_code (required) - Activation token
		67	+ # Example Request:
		68	+ # PATCH /activate?activation_code=28259abd12cc6a64ef9399cf3286cb998b96aeaf
		69	+ patch "/activate" do
		70	+ user = User.find_by_activation_code(params[:activation_code])
		71	+ if user
		72	+ unless user.environment.enabled?('admin_must_approve_new_users')
		73	+ if user.activate
		74	+ user.generate_private_token!
		75	+ present user, :with => Entities::UserLogin
		76	+ end
		77	+ else
		78	+ if user.create_moderate_task
		79	+ user.activation_code = nil
		80	+ user.save!
		81	+
		82	+ # Waiting for admin moderate user registration
		83	+ status 202
		84	+ body({
		85	+ :message => 'Waiting for admin moderate user registration'
		86	+ })
		87	+ end
		88	+ end
		89	+ else
		90	+ # Token not found in database
		91	+ render_api_error!(_('Token is invalid'), 412)
		92	+ end
		93	+ end
57	end	94	end
58	end	95	end
59	end	96	end
	@@ -236,7 +236,7 @@ class APIHelpersTest < ActiveSupport::TestCase		@@ -236,7 +236,7 @@ class APIHelpersTest < ActiveSupport::TestCase
236		236
237	end	237	end
238		238
239	- should 'captcha serpro say Name or service not known' do	239	+ should 'captcha serpro say name or service not known' do
240	environment = Environment.new	240	environment = Environment.new
241	environment.api_captcha_settings = {	241	environment.api_captcha_settings = {
242	enabled: true,	242	enabled: true,
	@@ -40,4 +40,69 @@ class SessionTest < ActiveSupport::TestCase		@@ -40,4 +40,69 @@ class SessionTest < ActiveSupport::TestCase
40	json = JSON.parse(last_response.body)	40	json = JSON.parse(last_response.body)
41	end	41	end
42		42
		43	+ should 'detected error, Name or service not known, for Serpro Captcha communication' do
		44	+ environment = Environment.default
		45	+ environment.api_captcha_settings = {
		46	+ enabled: true,
		47	+ provider: 'serpro',
		48	+ serpro_client_id: '0000000000000000',
		49	+ verify_uri: 'http://someserverthatdoesnotexist.mycompanythatdoesnotexist.com/validate',
		50	+ }
		51	+ environment.save!
		52	+ params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com",
		53	+ :txtToken_captcha_serpro_gov_br => '4324343', :captcha_text => '4030320'}
		54	+ post "/api/v1/register?#{params.to_query}"
		55	+ assert_equal "Serpro captcha error: getaddrinfo: Name or service not known", JSON.parse(last_response.body)["message"]
		56	+ end
		57	+
		58	+ # TODO: Add another test cases to check register situations
		59	+ should 'activate a user' do
		60	+ params = {
		61	+ :login => "newuserapi",
		62	+ :password => "newuserapi",
		63	+ :password_confirmation => "newuserapi",
		64	+ :email => "newuserapi@email.com"
		65	+ }
		66	+ user = User.new(params)
		67	+ user.save!
		68	+
		69	+ params = { activation_code: user.activation_code}
		70	+ patch "/api/v1/activate?#{params.to_query}"
		71	+ assert_equal 200, last_response.status
		72	+ end
		73	+
		74	+ should 'do not activate a user if admin must approve him' do
		75	+ params = {
		76	+ :login => "newuserapi",
		77	+ :password => "newuserapi",
		78	+ :password_confirmation => "newuserapi",
		79	+ :email => "newuserapi@email.com",
		80	+ :environment => Environment.default
		81	+ }
		82	+ user = User.new(params)
		83	+ user.environment.enable('admin_must_approve_new_users')
		84	+ user.save!
		85	+
		86	+ params = { activation_code: user.activation_code}
		87	+ patch "/api/v1/activate?#{params.to_query}"
		88	+ assert_equal 202, last_response.status
		89	+ assert_equal 'Waiting for admin moderate user registration', JSON.parse(last_response.body)["message"]
		90	+ end
		91	+
		92	+ should 'do not activate a user if the token is invalid' do
		93	+ params = {
		94	+ :login => "newuserapi",
		95	+ :password => "newuserapi",
		96	+ :password_confirmation => "newuserapi",
		97	+ :email => "newuserapi@email.com",
		98	+ :environment => Environment.default
		99	+ }
		100	+ user = User.new(params)
		101	+ user.save!
		102	+
		103	+ params = { activation_code: '70250abe20cc6a67ef9399cf3286cb998b96aeaf'}
		104	+ patch "/api/v1/activate?#{params.to_query}"
		105	+ assert_equal 412, last_response.status
		106	+ end
		107	+
43	end	108	end