Adds hotspot to allow custom API login method

Signed-off-by: Macartur Sousa <macartur.sc@gmail.com> Signed-off-by: Marcos Ronaldo <marcos.rpj2@gmail.com>

Adds hotspot to allow custom API login method
Signed-off-by: Macartur Sousa <macartur.sc@gmail.com> Signed-off-by: Marcos Ronaldo <marcos.rpj2@gmail.com>
Marcos Pereira · Marcos Pereira
1 parent d2159684
Showing 5 changed files with 56 additions and 32 deletions Show diff stats
lib/noosfero/api/helpers.rb
lib/noosfero/plugin.rb
plugins/remote_user/lib/remote_user_plugin.rb
plugins/remote_user/test/unit/remote_user_plugin_test.rb
test/api/helpers_test.rb
@@ -23,6 +23,7 @@ require_relative &#39;../../find_by_contents&#39;
       def current_user
         private_token = (params[PRIVATE_TOKEN_PARAM] || headers['Private-Token']).to_s
         @current_user ||= User.find_by private_token: private_token
+        @current_user ||= plugins.dispatch("api_custom_login", request).first
         @current_user
       end
@@ -682,6 +682,10 @@ class Noosfero::Plugin
     {}
   end
+  def api_custom_login request
+    nil
+  end
+
   def method_missing(method, *args, &block)
     # This is a generic hotspot for all controllers on Noosfero.
     # If any plugin wants to define filters to run on any controller, the name of
@@ -8,43 +8,42 @@ class RemoteUserPlugin &lt; Noosfero::Plugin
     _("A plugin that add remote user support.")
   end
+  def api_custom_login request
+    RemoteUserPlugin::current_user request, environment
+  end
+
+  def self.current_user request, environment
+    remote_user = request.env["HTTP_REMOTE_USER"]
+    user_data = request.env['HTTP_REMOTE_USER_DATA']
+
+    remote_user_email = user_data.blank? ? (remote_user + '@remote.user') : JSON.parse(user_data)['email']
+    remote_user_name = user_data.blank? ? remote_user : JSON.parse(user_data)['name']
+
+    user = User.where(environment_id: environment, login: remote_user).first
+    unless user
+      user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
+      user.activate
+      user.save!
+    end
+    user
+  end
+
   def application_controller_filters
     block = proc do
       begin
         remote_user = request.headers["HTTP_REMOTE_USER"]
-        user_data = request.env['HTTP_REMOTE_USER_DATA']
         if remote_user.blank?
           self.current_user = nil
         else
-          if user_data.blank?
-            remote_user_email = remote_user + '@remote.user'
-            remote_user_name = remote_user
-          else
-            user_data = JSON.parse(user_data)
-            remote_user_email = user_data['email']
-            remote_user_name = user_data['name']
-          end
-
           if !logged_in?
-            self.current_user = User.where(environment_id: environment, login: remote_user).first
-            unless self.current_user
-              self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
-              self.current_user.activate
-            end
-            self.current_user.save!
+            self.current_user = RemoteUserPlugin::current_user request, environment
           else
             if remote_user != self.current_user.login
               self.current_user.forget_me
               reset_session
-
-	      self.current_user = User.where(environment_id: environment, login: remote_user).first
-              unless self.current_user
-                self.current_user = User.create!(:environment => environment, :login => remote_user, :email => remote_user_email, :name => remote_user_name, :password => ('pw4'+remote_user), :password_confirmation => ('pw4'+remote_user))
-                self.current_user.activate
-              end
-              self.current_user.save!
+              self.current_user = RemoteUserPlugin::current_user request, environment
             end
           end
         end
@@ -0,0 +1,11 @@
+require 'test_helper'
+require_relative '../../../../test/api/test_helper'
+
+class RemoteUserPluginTest < ActiveSupport::TestCase
+  should 'call remote user hotspot to authenticate in API' do
+    environment = Environment.default
+    environment.enable_plugin(RemoteUserPlugin)
+    RemoteUserPlugin.any_instance.expects(:api_custom_login).once
+    get "/api/v1/people/me"
+  end
+end
@@ -41,15 +41,24 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
     assert_equal user.person, current_person
   end
-#  #FIXME see how to make this test. Get the current_user variable
-#  should 'set current_user to nil after logout' do
-#    user = create_user('someuser')
-#    user.stubs(:private_token_expired?).returns(false)
-#    User.stubs(:find_by(private_token).returns: user)
-#    assert_not_nil current_user
-#    assert false
-#    logout
-#  end
+  should 'get the current user from plugins' do
+
+    class CoolPlugin < Noosfero::Plugin
+      def api_custom_login request
+        user = User.create!(:login => 'zombie', :password => 'zombie', :password_confirmation => 'zombie', :email => 'zombie@brains.org', :environment => environment)
+        user.activate
+        user
+      end
+    end
+
+    Noosfero::Plugin.stubs(:all).returns([CoolPlugin.name])
+    Environment.default.enable_plugin(CoolPlugin)
+
+    get "/api/v1/people/me"
+
+    json = JSON.parse(last_response.body)
+    assert_equal "zombie", json['person']['name']
+  end
   should 'limit be defined as the params limit value' do
     local_limit = 30
	@@ -23,6 +23,7 @@ require_relative '../../find_by_contents'		@@ -23,6 +23,7 @@ require_relative '../../find_by_contents'
23	def current_user	23	def current_user
24	private_token = (params[PRIVATE_TOKEN_PARAM] \|\| headers['Private-Token']).to_s	24	private_token = (params[PRIVATE_TOKEN_PARAM] \|\| headers['Private-Token']).to_s
25	@current_user \|\|= User.find_by private_token: private_token	25	@current_user \|\|= User.find_by private_token: private_token
		26	+ @current_user \|\|= plugins.dispatch("api_custom_login", request).first
26	@current_user	27	@current_user
27	end	28	end
28		29
@@ -0,0 +1,11 @@		@@ -0,0 +1,11 @@
	1	+require 'test_helper'
	2	+require_relative '../../../../test/api/test_helper'
	3	+
	4	+class RemoteUserPluginTest < ActiveSupport::TestCase
	5	+ should 'call remote user hotspot to authenticate in API' do
	6	+ environment = Environment.default
	7	+ environment.enable_plugin(RemoteUserPlugin)
	8	+ RemoteUserPlugin.any_instance.expects(:api_custom_login).once
	9	+ get "/api/v1/people/me"
	10	+ end
	11	+end
	@@ -41,15 +41,24 @@ class APIHelpersTest < ActiveSupport::TestCase		@@ -41,15 +41,24 @@ class APIHelpersTest < ActiveSupport::TestCase
41	assert_equal user.person, current_person	41	assert_equal user.person, current_person
42	end	42	end
43		43
44	-# #FIXME see how to make this test. Get the current_user variable
45	-# should 'set current_user to nil after logout' do
46	-# user = create_user('someuser')
47	-# user.stubs(:private_token_expired?).returns(false)
48	-# User.stubs(:find_by(private_token).returns: user)
49	-# assert_not_nil current_user
50	-# assert false
51	-# logout
52	-# end	44	+ should 'get the current user from plugins' do
		45	+
		46	+ class CoolPlugin < Noosfero::Plugin
		47	+ def api_custom_login request
		48	+ user = User.create!(:login => 'zombie', :password => 'zombie', :password_confirmation => 'zombie', :email => 'zombie@brains.org', :environment => environment)
		49	+ user.activate
		50	+ user
		51	+ end
		52	+ end
		53	+
		54	+ Noosfero::Plugin.stubs(:all).returns([CoolPlugin.name])
		55	+ Environment.default.enable_plugin(CoolPlugin)
		56	+
		57	+ get "/api/v1/people/me"
		58	+
		59	+ json = JSON.parse(last_response.body)
		60	+ assert_equal "zombie", json['person']['name']
		61	+ end
53		62
54	should 'limit be defined as the params limit value' do	63	should 'limit be defined as the params limit value' do
55	local_limit = 30	64	local_limit = 30