Download as
Browse Code »

Commit 1bafef867058ffb54590687467041ede3e7832a5

Authored by Marcos Pereira
1 parent d2159684
Exists in staging and in 31 other branches all_pending_tasks_api, api-articles-period, api_roles, comments_permissions, elasticsearch, elasticsearch_api, elasticsearch_categories, elasticsearch_filter, elasticsearch_sort, elasticsearch_to_merge, elasticsearch_view, environment-exposes-api, export-comment-api, export_data, external_followers, federation-webfinger, federation_followers, federation_followers_backend, federation_oauth_provider, federation_webfinger, fix_notification_email, follower_permition, master, master_profile_followers, oauth_external_login, oauth_login, private-scraps, private-scraps-rebase, production, profile_api_improvements, user_mention

Adds hotspot to allow custom API login method 

Signed-off-by: Macartur Sousa <macartur.sc@gmail.com>
Signed-off-by: Marcos Ronaldo <marcos.rpj2@gmail.com>
Showing 5 changed files with 56 additions and 32 deletions   Show diff stats
lib/noosfero/api/helpers.rb
  Diff comments   View file @1bafef8
@@ -23,6 +23,7 @@ require_relative &#39;../../find_by_contents&#39; @@ -23,6 +23,7 @@ require_relative &#39;../../find_by_contents&#39;
23 def current_user 23 def current_user
24 private_token = (params[PRIVATE_TOKEN_PARAM] || headers['Private-Token']).to_s 24 private_token = (params[PRIVATE_TOKEN_PARAM] || headers['Private-Token']).to_s
25 @current_user ||= User.find_by private_token: private_token 25 @current_user ||= User.find_by private_token: private_token
  26 + @current_user ||= plugins.dispatch("api_custom_login", request).first
26 @current_user 27 @current_user
27 end 28 end
28 29
lib/noosfero/plugin.rb
  Diff comments   View file @1bafef8
@@ -682,6 +682,10 @@ class Noosfero::Plugin @@ -682,6 +682,10 @@ class Noosfero::Plugin
682 {} 682 {}
683 end 683 end
684 684
  685 + def api_custom_login request
  686 + nil
  687 + end
  688 +
685 def method_missing(method, *args, &block) 689 def method_missing(method, *args, &block)
686 # This is a generic hotspot for all controllers on Noosfero. 690 # This is a generic hotspot for all controllers on Noosfero.
687 # If any plugin wants to define filters to run on any controller, the name of 691 # If any plugin wants to define filters to run on any controller, the name of
plugins/remote_user/lib/remote_user_plugin.rb
  Diff comments   View file @1bafef8
@@ -8,43 +8,42 @@ class RemoteUserPlugin &lt; Noosfero::Plugin @@ -8,43 +8,42 @@ class RemoteUserPlugin &lt; Noosfero::Plugin
8 _("A plugin that add remote user support.") 8 _("A plugin that add remote user support.")
9 end 9 end
10 10
  11 + def api_custom_login request
  12 + RemoteUserPlugin::current_user request, environment
  13 + end
  14 +
  15 + def self.current_user request, environment
  16 + remote_user = request.env["HTTP_REMOTE_USER"]
  17 + user_data = request.env['HTTP_REMOTE_USER_DATA']
  18 +
  19 + remote_user_email = user_data.blank? ? (remote_user + '@remote.user') : JSON.parse(user_data)['email']
  20 + remote_user_name = user_data.blank? ? remote_user : JSON.parse(user_data)['name']
  21 +
  22 + user = User.where(environment_id: environment, login: remote_user).first
  23 + unless user
  24 + user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
  25 + user.activate
  26 + user.save!
  27 + end
  28 + user
  29 + end
  30 +
11 def application_controller_filters 31 def application_controller_filters
12 block = proc do 32 block = proc do
13 33
14 begin 34 begin
15 remote_user = request.headers["HTTP_REMOTE_USER"] 35 remote_user = request.headers["HTTP_REMOTE_USER"]
16 - user_data = request.env['HTTP_REMOTE_USER_DATA']  
17 36
18 if remote_user.blank? 37 if remote_user.blank?
19 self.current_user = nil 38 self.current_user = nil
20 else 39 else
21 - if user_data.blank?  
22 - remote_user_email = remote_user + '@remote.user'  
23 - remote_user_name = remote_user  
24 - else  
25 - user_data = JSON.parse(user_data)  
26 - remote_user_email = user_data['email']  
27 - remote_user_name = user_data['name']  
28 - end  
29 -  
30 if !logged_in? 40 if !logged_in?
31 - self.current_user = User.where(environment_id: environment, login: remote_user).first  
32 - unless self.current_user  
33 - self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))  
34 - self.current_user.activate  
35 - end  
36 - self.current_user.save! 41 + self.current_user = RemoteUserPlugin::current_user request, environment
37 else 42 else
38 if remote_user != self.current_user.login 43 if remote_user != self.current_user.login
39 self.current_user.forget_me 44 self.current_user.forget_me
40 reset_session 45 reset_session
41 -  
42 - self.current_user = User.where(environment_id: environment, login: remote_user).first  
43 - unless self.current_user  
44 - self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))  
45 - self.current_user.activate  
46 - end  
47 - self.current_user.save! 46 + self.current_user = RemoteUserPlugin::current_user request, environment
48 end 47 end
49 end 48 end
50 end 49 end
plugins/remote_user/test/unit/remote_user_plugin_test.rb 0 → 100644
  Diff comments   View file @1bafef8
@@ -0,0 +1,11 @@ @@ -0,0 +1,11 @@
  1 +require 'test_helper'
  2 +require_relative '../../../../test/api/test_helper'
  3 +
  4 +class RemoteUserPluginTest < ActiveSupport::TestCase
  5 + should 'call remote user hotspot to authenticate in API' do
  6 + environment = Environment.default
  7 + environment.enable_plugin(RemoteUserPlugin)
  8 + RemoteUserPlugin.any_instance.expects(:api_custom_login).once
  9 + get "/api/v1/people/me"
  10 + end
  11 +end
test/api/helpers_test.rb
  Diff comments   View file @1bafef8
@@ -41,15 +41,24 @@ class APIHelpersTest &lt; ActiveSupport::TestCase @@ -41,15 +41,24 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
41 assert_equal user.person, current_person 41 assert_equal user.person, current_person
42 end 42 end
43 43
44 -# #FIXME see how to make this test. Get the current_user variable  
45 -# should 'set current_user to nil after logout' do  
46 -# user = create_user('someuser')  
47 -# user.stubs(:private_token_expired?).returns(false)  
48 -# User.stubs(:find_by(private_token).returns: user)  
49 -# assert_not_nil current_user  
50 -# assert false  
51 -# logout  
52 -# end 44 + should 'get the current user from plugins' do
  45 +
  46 + class CoolPlugin < Noosfero::Plugin
  47 + def api_custom_login request
  48 + user = User.create!(:login => 'zombie', :password => 'zombie', :password_confirmation => 'zombie', :email => 'zombie@brains.org', :environment => environment)
  49 + user.activate
  50 + user
  51 + end
  52 + end
  53 +
  54 + Noosfero::Plugin.stubs(:all).returns([CoolPlugin.name])
  55 + Environment.default.enable_plugin(CoolPlugin)
  56 +
  57 + get "/api/v1/people/me"
  58 +
  59 + json = JSON.parse(last_response.body)
  60 + assert_equal "zombie", json['person']['name']
  61 + end
53 62
54 should 'limit be defined as the params limit value' do 63 should 'limit be defined as the params limit value' do
55 local_limit = 30 64 local_limit = 30