Commit 1bafef867058ffb54590687467041ede3e7832a5
1 parent
d2159684
Exists in
staging
and in
31 other branches
Adds hotspot to allow custom API login method
Signed-off-by: Macartur Sousa <macartur.sc@gmail.com> Signed-off-by: Marcos Ronaldo <marcos.rpj2@gmail.com>
Showing
5 changed files
with
56 additions
and
32 deletions
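--- a/lib/noosfero/api/helpers.rb
+++ b/lib/noosfero/api/helpers.rb
@@ -23,6 +23,7 @@ require_relative '../../find_by_contents'
 def current_user
 private_token = (params[PRIVATE_TOKEN_PARAM] || headers['Private-Token']).to_s
 @current_user ||= User.find_by private_token: private_token
+@current_user ||= plugins.dispatch("api_custom_login", request).first
 @current_user
 end
 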
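Review bot: The plugin fallback on the added line treats any object returned by an enabled plugin as the authenticated API user, with no comment stating that contract and no check on the result. Since the base `api_custom_login` returns nil, `.first` can be nil even though a later plugin returned a user, unless `dispatch` already drops nils (not visible here); `plugins.dispatch("api_custom_login", request).compact.first` would make that explicit if `dispatch` returns an Array. Because `||=` does not memoize nil, an anonymous request repeats the token lookup and the plugin dispatch on every `current_user` call. A comment such as `# plugins may authenticate the request; a returned User is trusted as-is` above the line would tell plugin authors what they are responsible for.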
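--- a/lib/noosfero/plugin.rb
+++ b/lib/noosfero/plugin.rb
@@ -682,6 +682,10 @@ class Noosfero::Plugin
 {}
 end
 
+def api_custom_login request
+nil
+end
+
 def method_missing(method, *args, &block)
 # This is a generic hotspot for all controllers on Noosfero.
 # If any plugin wants to define filters to run on any controller, the name of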
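Review bot: `api_custom_login` is added without a comment saying what a plugin receives and what its return value means, although `current_user` in lib/noosfero/api/helpers.rb treats a non-nil result as the logged-in user. Proposed comment above the method: `# -> Lets a plugin authenticate an API request.` followed by `# returns = the User to log in, or nil to leave the request unauthenticated`. The enclosing class starts and ends outside the hunk.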
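--- a/plugins/remote_user/lib/remote_user_plugin.rb
+++ b/plugins/remote_user/lib/remote_user_plugin.rb
@@ -8,43 +8,42 @@ class RemoteUserPlugin < Noosfero::Plugin
 _("A plugin that add remote user support.")
 end
 
+def api_custom_login request
+RemoteUserPlugin::current_user request, environment
+end
+
+def self.current_user request, environment
+remote_user = request.env["HTTP_REMOTE_USER"]
+user_data = request.env['HTTP_REMOTE_USER_DATA']
+
+remote_user_email = user_data.blank? ? (remote_user + '@remote.user') : JSON.parse(user_data)['email']
+remote_user_name = user_data.blank? ? remote_user : JSON.parse(user_data)['name']
+
+user = User.where(environment_id: environment, login: remote_user).first
+unless user
+user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
+user.activate
+user.save!
+end
+user
+end
+
 def application_controller_filters
 block = proc do
 
 begin
 remote_user = request.headers["HTTP_REMOTE_USER"]
-user_data = request.env['HTTP_REMOTE_USER_DATA']
 
 if remote_user.blank?
 self.current_user = nil
 else
-if user_data.blank?
-remote_user_email = remote_user + '@remote.user'
-remote_user_name = remote_user
-else
-user_data = JSON.parse(user_data)
-remote_user_email = user_data['email']
-remote_user_name = user_data['name']
-end
-
 if !logged_in?
-self.current_user = User.where(environment_id: environment, login: remote_user).first
-unless self.current_user
-self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
-self.current_user.activate
-end
-self.current_user.save!
+self.current_user = RemoteUserPlugin::current_user request, environment
 else
 if remote_user != self.current_user.login
 self.current_user.forget_me
 reset_session
-
-self.current_user = User.where(environment_id: environment, login: remote_user).first
-unless self.current_user
-self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
-self.current_user.activate
-end
-self.current_user.save!
+self.current_user = RemoteUserPlugin::current_user request, environment
 end
 end
 end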
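Review bot: `RemoteUserPlugin.current_user` is now reachable from the API through `api_custom_login` without the `remote_user.blank?` guard that the controller filter applies first, so a request with no Remote-User header reaches `remote_user + '@remote.user'` with nil and raises; it should start with `return nil if remote_user.blank?`. The identity comes from the `HTTP_REMOTE_USER` request header, which is only trustworthy when a fronting proxy sets it and strips any client-supplied copy, and that deployment requirement deserves a comment now that the header also authenticates API calls and auto-creates accounts. The moved `User.create!` still sets the password to `'pw4'+remote_user`, which is derivable from the login; a random value such as `SecureRandom.hex(32)` would avoid leaving a guessable credential on these accounts if password login is enabled. `application_controller_filters` continues outside the hunk.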
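--- a/plugins/remote_user/test/unit/remote_user_plugin_test.rb
+++ b/plugins/remote_user/test/unit/remote_user_plugin_test.rb
@@ -0,0 +1,11 @@
+require 'test_helper'
+require_relative '../../../../test/api/test_helper'
+
+class RemoteUserPluginTest < ActiveSupport::TestCase
+should 'call remote user hotspot to authenticate in API' do
+environment = Environment.default
+environment.enable_plugin(RemoteUserPlugin)
+RemoteUserPlugin.any_instance.expects(:api_custom_login).once
+get "/api/v1/people/me"
+end
+end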
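Review bot: This test only asserts that the hook is invoked; because `api_custom_login` is replaced by the mock, `RemoteUserPlugin.current_user` never runs, so the header handling this commit exposes to the API is untested. Cases worth adding are a request without the Remote-User header (it should stay anonymous rather than raise), a request whose header names an existing login, and one that creates the account. The response of `get "/api/v1/people/me"` is not asserted either, so a 500 from the endpoint would still pass.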
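--- a/test/api/helpers_test.rb
+++ b/test/api/helpers_test.rb
@@ -41,15 +41,24 @@ class APIHelpersTest < ActiveSupport::TestCase
 assert_equal user.person, current_person
 end
 
-# #FIXME see how to make this test. Get the current_user variable
-# should 'set current_user to nil after logout' do
-# user = create_user('someuser')
-# user.stubs(:private_token_expired?).returns(false)
-# User.stubs(:find_by(private_token).returns: user)
-# assert_not_nil current_user
-# assert false
-# logout
-# end
+should 'get the current user from plugins' do
+
+class CoolPlugin < Noosfero::Plugin
+def api_custom_login request
+user = User.create!(:login => 'zombie', :password => 'zombie', :password_confirmation => 'zombie', :email => 'zombie@brains.org', :environment => environment)
+user.activate
+user
+end
+end
+
+Noosfero::Plugin.stubs(:all).returns([CoolPlugin.name])
+Environment.default.enable_plugin(CoolPlugin)
+
+get "/api/v1/people/me"
+
+json = JSON.parse(last_response.body)
+assert_equal "zombie", json['person']['name']
+end
 
 should 'limit be defined as the params limit value' do
 local_limit = 30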
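Review bot: The new test covers only the success path of the plugin login; there is no case asserting that the request stays unauthenticated when every enabled plugin returns nil, which is the property that keeps the hook from widening access. `CoolPlugin` is defined inside the `should` block, so the constant persists for the rest of the run, and `enable_plugin` on `Environment.default` may outlive the test unless fixtures are reset between tests (not visible here); defining the class at the top of the file and disabling it in teardown would keep the tests independent. The enclosing test class starts and ends outside the hunk.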