Adds hotspot to allow custom API login method

Signed-off-by: Macartur Sousa <macartur.sc@gmail.com> Signed-off-by: Marcos Ronaldo <marcos.rpj2@gmail.com>

Adds hotspot to allow custom API login method
Signed-off-by: Macartur Sousa <macartur.sc@gmail.com> Signed-off-by: Marcos Ronaldo <marcos.rpj2@gmail.com>
Marcos Pereira
1 parent d2159684
Showing 5 changed files with 56 additions and 32 deletions Show diff stats
lib/noosfero/api/helpers.rb
lib/noosfero/plugin.rb
plugins/remote_user/lib/remote_user_plugin.rb
plugins/remote_user/test/unit/remote_user_plugin_test.rb
test/api/helpers_test.rb
@@ -23,6 +23,7 @@ require_relative &#39;../../find_by_contents&#39;
       def current_user
         private_token = (params[PRIVATE_TOKEN_PARAM] || headers['Private-Token']).to_s
         @current_user ||= User.find_by private_token: private_token
+        @current_user ||= plugins.dispatch("api_custom_login", request).first
         @current_user
       end
  
@@ -682,6 +682,10 @@ class Noosfero::Plugin
     {}
   end
  
+  def api_custom_login request
+    nil
+  end
+
   def method_missing(method, *args, &block)
     # This is a generic hotspot for all controllers on Noosfero.
     # If any plugin wants to define filters to run on any controller, the name of
@@ -8,43 +8,42 @@ class RemoteUserPlugin &lt; Noosfero::Plugin
     _("A plugin that add remote user support.")
   end
  
+  def api_custom_login request
+    RemoteUserPlugin::current_user request, environment
+  end
+
+  def self.current_user request, environment
+    remote_user = request.env["HTTP_REMOTE_USER"]
+    user_data = request.env['HTTP_REMOTE_USER_DATA']
+
+    remote_user_email = user_data.blank? ? (remote_user + '@remote.user') : JSON.parse(user_data)['email']
+    remote_user_name = user_data.blank? ? remote_user : JSON.parse(user_data)['name']
+
+    user = User.where(environment_id: environment, login: remote_user).first
+    unless user
+      user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
+      user.activate
+      user.save!
+    end
+    user
+  end
+
   def application_controller_filters
     block = proc do
  
       begin
         remote_user = request.headers["HTTP_REMOTE_USER"]
-        user_data = request.env['HTTP_REMOTE_USER_DATA']
  
         if remote_user.blank?
           self.current_user = nil
         else
-          if user_data.blank?
-            remote_user_email = remote_user + '@remote.user'
-            remote_user_name = remote_user
-          else
-            user_data = JSON.parse(user_data)
-            remote_user_email = user_data['email']
-            remote_user_name = user_data['name']
-          end
-
           if !logged_in?
-            self.current_user = User.where(environment_id: environment, login: remote_user).first
-            unless self.current_user
-              self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
-              self.current_user.activate
-            end
-            self.current_user.save!
+            self.current_user = RemoteUserPlugin::current_user request, environment
           else
             if remote_user != self.current_user.login
               self.current_user.forget_me
               reset_session
-
-	      self.current_user = User.where(environment_id: environment, login: remote_user).first
-              unless self.current_user
-                self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
-                self.current_user.activate
-              end
-              self.current_user.save!
+              self.current_user = RemoteUserPlugin::current_user request, environment
             end
           end
         end
@@ -0,0 +1,11 @@
+require 'test_helper'
+require_relative '../../../../test/api/test_helper'
+
+class RemoteUserPluginTest < ActiveSupport::TestCase
+  should 'call remote user hotspot to authenticate in API' do
+    environment = Environment.default
+    environment.enable_plugin(RemoteUserPlugin)
+    RemoteUserPlugin.any_instance.expects(:api_custom_login).once
+    get "/api/v1/people/me"
+  end
+end
@@ -41,15 +41,24 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
     assert_equal user.person, current_person
   end
  
-#  #FIXME see how to make this test. Get the current_user variable
-#  should 'set current_user to nil after logout' do
-#    user = create_user('someuser')
-#    user.stubs(:private_token_expired?).returns(false)
-#    User.stubs(:find_by(private_token).returns: user)
-#    assert_not_nil current_user
-#    assert false
-#    logout
-#  end
+  should 'get the current user from plugins' do
+
+    class CoolPlugin < Noosfero::Plugin
+      def api_custom_login request
+        user = User.create!(:login => 'zombie', :password => 'zombie', :password_confirmation => 'zombie', :email => 'zombie@brains.org', :environment => environment)
+        user.activate
+        user
+      end
+    end
+
+    Noosfero::Plugin.stubs(:all).returns([CoolPlugin.name])
+    Environment.default.enable_plugin(CoolPlugin)
+
+    get "/api/v1/people/me"
+
+    json = JSON.parse(last_response.body)
+    assert_equal "zombie", json['person']['name']
+  end
  
   should 'limit be defined as the params limit value' do
     local_limit = 30
...	...	@@ -23,6 +23,7 @@ require_relative '../../find_by_contents'
23	23	def current_user
24	24	private_token = (params[PRIVATE_TOKEN_PARAM] \|\| headers['Private-Token']).to_s
25	25	@current_user \|\|= User.find_by private_token: private_token
	26	+ @current_user \|\|= plugins.dispatch("api_custom_login", request).first
26	27	@current_user
27	28	end
28	29
...	...
...	...	@@ -682,6 +682,10 @@ class Noosfero::Plugin
682	682	{}
683	683	end
684	684
	685	+ def api_custom_login request
	686	+ nil
	687	+ end
	688	+
685	689	def method_missing(method, *args, &block)
686	690	# This is a generic hotspot for all controllers on Noosfero.
687	691	# If any plugin wants to define filters to run on any controller, the name of
...	...
...	...	@@ -8,43 +8,42 @@ class RemoteUserPlugin < Noosfero::Plugin
8	8	_("A plugin that add remote user support.")
9	9	end
10	10
	11	+ def api_custom_login request
	12	+ RemoteUserPlugin::current_user request, environment
	13	+ end
	14	+
	15	+ def self.current_user request, environment
	16	+ remote_user = request.env["HTTP_REMOTE_USER"]
	17	+ user_data = request.env['HTTP_REMOTE_USER_DATA']
	18	+
	19	+ remote_user_email = user_data.blank? ? (remote_user + '@remote.user') : JSON.parse(user_data)['email']
	20	+ remote_user_name = user_data.blank? ? remote_user : JSON.parse(user_data)['name']
	21	+
	22	+ user = User.where(environment_id: environment, login: remote_user).first
	23	+ unless user
	24	+ user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
	25	+ user.activate
	26	+ user.save!
	27	+ end
	28	+ user
	29	+ end
	30	+
11	31	def application_controller_filters
12	32	block = proc do
13	33
14	34	begin
15	35	remote_user = request.headers["HTTP_REMOTE_USER"]
16		- user_data = request.env['HTTP_REMOTE_USER_DATA']
17	36
18	37	if remote_user.blank?
19	38	self.current_user = nil
20	39	else
21		- if user_data.blank?
22		- remote_user_email = remote_user + '@remote.user'
23		- remote_user_name = remote_user
24		- else
25		- user_data = JSON.parse(user_data)
26		- remote_user_email = user_data['email']
27		- remote_user_name = user_data['name']
28		- end
29		-
30	40	if !logged_in?
31		- self.current_user = User.where(environment_id: environment, login: remote_user).first
32		- unless self.current_user
33		- self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
34		- self.current_user.activate
35		- end
36		- self.current_user.save!
	41	+ self.current_user = RemoteUserPlugin::current_user request, environment
37	42	else
38	43	if remote_user != self.current_user.login
39	44	self.current_user.forget_me
40	45	reset_session
41		-
42		- self.current_user = User.where(environment_id: environment, login: remote_user).first
43		- unless self.current_user
44		- self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
45		- self.current_user.activate
46		- end
47		- self.current_user.save!
	46	+ self.current_user = RemoteUserPlugin::current_user request, environment
48	47	end
49	48	end
50	49	end
...	...
...	...	@@ -0,0 +1,11 @@
	1	+require 'test_helper'
	2	+require_relative '../../../../test/api/test_helper'
	3	+
	4	+class RemoteUserPluginTest < ActiveSupport::TestCase
	5	+ should 'call remote user hotspot to authenticate in API' do
	6	+ environment = Environment.default
	7	+ environment.enable_plugin(RemoteUserPlugin)
	8	+ RemoteUserPlugin.any_instance.expects(:api_custom_login).once
	9	+ get "/api/v1/people/me"
	10	+ end
	11	+end
...	...
...	...	@@ -41,15 +41,24 @@ class APIHelpersTest < ActiveSupport::TestCase
41	41	assert_equal user.person, current_person
42	42	end
43	43
44		-# #FIXME see how to make this test. Get the current_user variable
45		-# should 'set current_user to nil after logout' do
46		-# user = create_user('someuser')
47		-# user.stubs(:private_token_expired?).returns(false)
48		-# User.stubs(:find_by(private_token).returns: user)
49		-# assert_not_nil current_user
50		-# assert false
51		-# logout
52		-# end
	44	+ should 'get the current user from plugins' do
	45	+
	46	+ class CoolPlugin < Noosfero::Plugin
	47	+ def api_custom_login request
	48	+ user = User.create!(:login => 'zombie', :password => 'zombie', :password_confirmation => 'zombie', :email => 'zombie@brains.org', :environment => environment)
	49	+ user.activate
	50	+ user
	51	+ end
	52	+ end
	53	+
	54	+ Noosfero::Plugin.stubs(:all).returns([CoolPlugin.name])
	55	+ Environment.default.enable_plugin(CoolPlugin)
	56	+
	57	+ get "/api/v1/people/me"
	58	+
	59	+ json = JSON.parse(last_response.body)
	60	+ assert_equal "zombie", json['person']['name']
	61	+ end
53	62
54	63	should 'limit be defined as the params limit value' do
55	64	local_limit = 30
...	...