[stoa] Stoa Plugin

Rodrigo Souto
1 parent 9ec7a43a
Showing 9 changed files with 278 additions and 0 deletions Show diff stats
plugins/stoa/README
plugins/stoa/controllers/stoa_plugin_controller.rb
plugins/stoa/db/migrate/20120301212702_add_usp_id_to_profile.rb
plugins/stoa/lib/stoa_plugin.rb
plugins/stoa/lib/stoa_plugin/usp_user.rb
plugins/stoa/public/style.css
plugins/stoa/test/functional/account_controller_test.rb
plugins/stoa/test/functional/stoa_plugin_controller_test.rb
plugins/stoa/test/unit/usp_user.rb
@@ -0,0 +1,12 @@
+Banco de Dados
+==============
+
+É preciso adicionar uma seção definindo a conexão com o banco de usuários da USP, no arquivo config/database.yml com identificador stoa.
+``
+stoa:
+  adapter: mysql
+  host: db2.stoa.usp.br
+  database: usp
+  username: <usuario>
+  password: <senha>
+``
@@ -0,0 +1,31 @@
+class StoaPluginController < PublicController
+  append_view_path File.join(File.dirname(__FILE__) + '/../views')
+
+  def authenticate
+    if request.ssl? && request.post?
+      user = User.authenticate(params[:login], params[:password], environment)
+      if user
+        result = {
+          :username => user.login,
+          :email => user.email,
+          :name => user.name,
+          :nusp => user.person.usp_id,
+          :first_name => user.name.split(' ').first,
+          :surname => user.name.split(' ',2).last,
+          :address => user.person.address,
+          :homepage => user.person.url,
+        }
+      else
+        result = { :error => _('Incorrect user/password pair.') }
+      end
+      render :text => result.to_json
+    else
+      render :text => { :error => _('Conection requires SSL certificate and post method.') }.to_json
+    end
+  end
+
+  def check_usp_id
+    render :text => { :exists => StoaPlugin::UspUser.exists?(params[:usp_id]) }.to_json
+  end
+
+end
@@ -0,0 +1,9 @@
+class AddUspIdToProfile < ActiveRecord::Migration
+  def self.up
+    add_column :profiles, :usp_id, :string
+  end
+
+  def self.down
+    remove_column :profiles, :usp_id
+  end
+end
@@ -0,0 +1,59 @@
+require_dependency 'person'
+
+class StoaPlugin < Noosfero::Plugin
+
+  Person.human_names[:usp_id] = _('USP number')
+
+  def self.plugin_name
+    "Stoa"
+  end
+
+  def self.plugin_description
+    _("Add Stoa features")
+  end
+
+  def stylesheet?
+    true
+  end
+
+  def signup_extra_contents
+    lambda {
+      required(labelled_form_field(_('USP number'), text_field_tag('profile_data[usp_id]', '', :id => 'usp_id_field'))) +
+      labelled_form_field(_('Select a confirmation data'), select_tag('confirmation_field',
+        options_for_select([['CPF','cpf'], [_('Mother\'s name'), 'mother'], [_('Birth date (yyyy-mm-dd)'), 'birth']])
+      )) +
+      required(labelled_form_field(_('Confirmation value'), text_field_tag('confirmation_value', '', :placeholder=>_('Confirmation value')))) +
+      javascript_tag(<<-EOF
+        jQuery("#usp_id_field").change(function(){
+          var me=this;
+          jQuery(this).addClass('checking').removeClass('validated');
+          jQuery.getJSON('#{url_for(:controller => 'stoa_plugin', :action => 'check_usp_id')}?usp_id='+this.value,
+            function(data){
+              if(data.exists) jQuery(me).removeClass('checking').addClass('validated');
+              else jQuery(me).removeClass('checking').addClass('invalid');
+            }
+          );
+        });
+        EOF
+      )
+    }
+  end
+
+  def account_controller_filters
+    block = lambda do
+      if request.post?
+        if !StoaPlugin::UspUser.matches?(params[:profile_data][:usp_id], params[:confirmation_field], params[:confirmation_value])
+          @person = Person.new
+          @person.errors.add(:usp_id, _(' validation failed'))
+          render :action => :signup
+        end
+      end
+    end
+
+    [{ :type => 'before_filter',
+      :method_name => 'validate_usp_id',
+      :options => {:only => 'signup'},
+      :block => block }]
+  end
+
+end
@@ -0,0 +1,21 @@
+class StoaPlugin::UspUser < ActiveRecord::Base
+
+  establish_connection(:stoa)
+  set_table_name('pessoa')
+
+  SALT=YAML::load(File.open(StoaPlugin.root_path + '/config.yml'))['salt']
+
+  alias_attribute :cpf, :numcpf
+  alias_attribute :rg, :numdocidf
+
+  def self.exists?(usp_id)
+    !StoaPlugin::UspUser.find(:first, :conditions => {:codpes => usp_id}).nil?
+  end
+
+  def self.matches?(usp_id, field, value)
+    user = StoaPlugin::UspUser.find(:first, :conditions => {:codpes => usp_id})
+    return false if user.nil? || !user.respond_to?(field) || value.blank?
+    user.send(field) == Digest::MD5.hexdigest(SALT+value.to_s)
+  end
+
+end
@@ -0,0 +1,5 @@
+#signup-form label[for="usp_id_field"],
+#signup-form label[for="confirmation_field"] {
+  display: block;
+}
+
@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+require File.dirname(__FILE__) + '/../../../../app/controllers/public/account_controller'
+
+# Re-raise errors caught by the controller.
+class AccountController; def rescue_action(e) raise e end; end
+
+class AccountControllerTest < ActionController::TestCase
+
+  def setup
+    @controller = AccountController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    environment = Environment.default
+    environment.enabled_plugins = ['StoaPlugin']
+    environment.save!
+    @db = Tempfile.new('stoa-test')
+    configs = ActiveRecord::Base.configurations['stoa'] = {:adapter => 'sqlite3', :database => @db.path}
+  end
+
+  should 'fail if confirmation value doesn\'t match' do
+    StoaPlugin::UspUser.stubs(:matches?).returns(false)
+    post :signup, :profile_data => {:usp_id => '87654321'}, :confirmation_field => 'cpf', :confirmation_value => '00000000'
+    assert_not_nil assigns(:person).errors[:usp_id]
+  end
+
+  should 'pass if confirmation value matches' do
+    StoaPlugin::UspUser.stubs(:matches?).returns(true)
+    post :signup, :profile_data => {:usp_id => '87654321'}, :confirmation_field => 'cpf', :confirmation_value => '12345678'
+    assert_nil assigns(:person).errors[:usp_id]
+  end
+
+end
@@ -0,0 +1,74 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+require File.dirname(__FILE__) + '/../../controllers/stoa_plugin_controller'
+
+# Re-raise errors caught by the controller.
+class StoaPluginController; def rescue_action(e) raise e end; end
+
+class StoaPluginControllerTest < ActionController::TestCase
+
+  def setup
+    @controller = StoaPluginController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    @user = create_user('real_user', :password => '123456', :password_confirmation => '123456')
+    environment = Environment.default
+    environment.enabled_plugins = ['StoaPlugin']
+    environment.save!
+    @db = Tempfile.new('stoa-test')
+    configs = ActiveRecord::Base.configurations['stoa'] = {:adapter => 'sqlite3', :database => @db.path}
+  end
+
+  attr_accessor :user
+
+  should 'not authenticate if method not post' do
+    @request.stubs(:ssl?).returns(true)
+    get :authenticate, :login => user.login, :password => '123456'
+
+    assert_not_nil json_response['error']
+    assert_match /post method/,json_response['error']
+  end
+
+  should 'not authenticate if request is not using ssl' do
+    @request.stubs(:ssl?).returns(false)
+    post :authenticate, :login => user.login, :password => '123456'
+
+    assert_not_nil json_response['error']
+    assert_match /SSL/,json_response['error']
+  end
+
+  should 'not authenticate if method password is wrong' do
+    @request.stubs(:ssl?).returns(true)
+    post :authenticate, :login => user.login, :password => 'wrong_password'
+
+    assert_not_nil json_response['error']
+    assert_match /password/,json_response['error']
+  end
+
+  should 'authenticate if everything is right' do
+    @request.stubs(:ssl?).returns(true)
+    post :authenticate, :login => user.login, :password => '123456'
+
+    assert_nil json_response['error']
+    assert_equal user.login, json_response['username']
+  end
+
+  should 'check invalid usp id' do
+    StoaPlugin::UspUser.stubs(:exists?).returns(false)
+    get :check_usp_id, :usp_id => '987654321'
+    assert !json_response['exists']
+  end
+
+  should 'check valid usp id' do
+    StoaPlugin::UspUser.stubs(:exists?).returns(true)
+    get :check_usp_id, :usp_id => '987654321'
+    assert json_response['exists']
+  end
+
+  private
+
+  def json_response
+    ActiveSupport::JSON.decode @response.body
+  end
+
+end
+
@@ -0,0 +1,35 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+
+class StoaPlugin::UspUserTest < ActiveSupport::TestCase
+
+  SALT=YAML::load(File.open(StoaPlugin.root_path + '/config.yml'))['salt']
+
+  def setup
+    @db = Tempfile.new('stoa-test')
+    configs = ActiveRecord::Base.configurations['stoa'] = {:adapter => 'sqlite3', :database => @db.path}
+    ActiveRecord::Base.establish_connection(:stoa)
+    ActiveRecord::Schema.create_table "pessoa" do |t|
+      t.integer  "codpes"
+      t.text     "numcpf"
+      t.text     "numdocidf"
+    end
+    ActiveRecord::Base.establish_connection(:test)
+    StoaPlugin::UspUser.create!(:codpes => 123456, :cpf => Digest::MD5.hexdigest(SALT+'12345678'), :rg => Digest::MD5.hexdigest(SALT+'87654321'))
+  end
+
+  def teardown
+    @db.unlink
+  end
+
+  should 'check existence of usp_id' do
+    assert  StoaPlugin::UspUser.exists?(123456)
+    assert !StoaPlugin::UspUser.exists?(654321)
+  end
+
+  should 'check if usp_id matches with a field' do
+    assert  StoaPlugin::UspUser.matches?(123456, :cpf, 12345678)
+    assert !StoaPlugin::UspUser.matches?(123456, :cpf, 87654321)
+    assert !StoaPlugin::UspUser.matches?(654321, :cpf, 12345678)
+  end
+end
+
@@ -0,0 +1,12 @@		@@ -0,0 +1,12 @@
	1	+Banco de Dados
	2	+==============
	3	+
	4	+É preciso adicionar uma seção definindo a conexão com o banco de usuários da USP, no arquivo config/database.yml com identificador stoa.
	5	+``
	6	+stoa:
	7	+ adapter: mysql
	8	+ host: db2.stoa.usp.br
	9	+ database: usp
	10	+ username: <usuario>
	11	+ password: <senha>
	12	+``
@@ -0,0 +1,31 @@		@@ -0,0 +1,31 @@
	1	+class StoaPluginController < PublicController
	2	+ append_view_path File.join(File.dirname(__FILE__) + '/../views')
	3	+
	4	+ def authenticate
	5	+ if request.ssl? && request.post?
	6	+ user = User.authenticate(params[:login], params[:password], environment)
	7	+ if user
	8	+ result = {
	9	+ :username => user.login,
	10	+ :email => user.email,
	11	+ :name => user.name,
	12	+ :nusp => user.person.usp_id,
	13	+ :first_name => user.name.split(' ').first,
	14	+ :surname => user.name.split(' ',2).last,
	15	+ :address => user.person.address,
	16	+ :homepage => user.person.url,
	17	+ }
	18	+ else
	19	+ result = { :error => _('Incorrect user/password pair.') }
	20	+ end
	21	+ render :text => result.to_json
	22	+ else
	23	+ render :text => { :error => _('Conection requires SSL certificate and post method.') }.to_json
	24	+ end
	25	+ end
	26	+
	27	+ def check_usp_id
	28	+ render :text => { :exists => StoaPlugin::UspUser.exists?(params[:usp_id]) }.to_json
	29	+ end
	30	+
	31	+end
@@ -0,0 +1,9 @@		@@ -0,0 +1,9 @@
	1	+class AddUspIdToProfile < ActiveRecord::Migration
	2	+ def self.up
	3	+ add_column :profiles, :usp_id, :string
	4	+ end
	5	+
	6	+ def self.down
	7	+ remove_column :profiles, :usp_id
	8	+ end
	9	+end
@@ -0,0 +1,59 @@		@@ -0,0 +1,59 @@
	1	+require_dependency 'person'
	2	+
	3	+class StoaPlugin < Noosfero::Plugin
	4	+
	5	+ Person.human_names[:usp_id] = _('USP number')
	6	+
	7	+ def self.plugin_name
	8	+ "Stoa"
	9	+ end
	10	+
	11	+ def self.plugin_description
	12	+ _("Add Stoa features")
	13	+ end
	14	+
	15	+ def stylesheet?
	16	+ true
	17	+ end
	18	+
	19	+ def signup_extra_contents
	20	+ lambda {
	21	+ required(labelled_form_field(_('USP number'), text_field_tag('profile_data[usp_id]', '', :id => 'usp_id_field'))) +
	22	+ labelled_form_field(_('Select a confirmation data'), select_tag('confirmation_field',
	23	+ options_for_select([['CPF','cpf'], [_('Mother\'s name'), 'mother'], [_('Birth date (yyyy-mm-dd)'), 'birth']])
	24	+ )) +
	25	+ required(labelled_form_field(_('Confirmation value'), text_field_tag('confirmation_value', '', :placeholder=>_('Confirmation value')))) +
	26	+ javascript_tag(<<-EOF
	27	+ jQuery("#usp_id_field").change(function(){
	28	+ var me=this;
	29	+ jQuery(this).addClass('checking').removeClass('validated');
	30	+ jQuery.getJSON('#{url_for(:controller => 'stoa_plugin', :action => 'check_usp_id')}?usp_id='+this.value,
	31	+ function(data){
	32	+ if(data.exists) jQuery(me).removeClass('checking').addClass('validated');
	33	+ else jQuery(me).removeClass('checking').addClass('invalid');
	34	+ }
	35	+ );
	36	+ });
	37	+ EOF
	38	+ )
	39	+ }
	40	+ end
	41	+
	42	+ def account_controller_filters
	43	+ block = lambda do
	44	+ if request.post?
	45	+ if !StoaPlugin::UspUser.matches?(params[:profile_data][:usp_id], params[:confirmation_field], params[:confirmation_value])
	46	+ @person = Person.new
	47	+ @person.errors.add(:usp_id, _(' validation failed'))
	48	+ render :action => :signup
	49	+ end
	50	+ end
	51	+ end
	52	+
	53	+ [{ :type => 'before_filter',
	54	+ :method_name => 'validate_usp_id',
	55	+ :options => {:only => 'signup'},
	56	+ :block => block }]
	57	+ end
	58	+
	59	+end
@@ -0,0 +1,21 @@		@@ -0,0 +1,21 @@
	1	+class StoaPlugin::UspUser < ActiveRecord::Base
	2	+
	3	+ establish_connection(:stoa)
	4	+ set_table_name('pessoa')
	5	+
	6	+ SALT=YAML::load(File.open(StoaPlugin.root_path + '/config.yml'))['salt']
	7	+
	8	+ alias_attribute :cpf, :numcpf
	9	+ alias_attribute :rg, :numdocidf
	10	+
	11	+ def self.exists?(usp_id)
	12	+ !StoaPlugin::UspUser.find(:first, :conditions => {:codpes => usp_id}).nil?
	13	+ end
	14	+
	15	+ def self.matches?(usp_id, field, value)
	16	+ user = StoaPlugin::UspUser.find(:first, :conditions => {:codpes => usp_id})
	17	+ return false if user.nil? \|\| !user.respond_to?(field) \|\| value.blank?
	18	+ user.send(field) == Digest::MD5.hexdigest(SALT+value.to_s)
	19	+ end
	20	+
	21	+end
@@ -0,0 +1,5 @@		@@ -0,0 +1,5 @@
	1	+#signup-form label[for="usp_id_field"],
	2	+#signup-form label[for="confirmation_field"] {
	3	+ display: block;
	4	+}
	5	+
@@ -0,0 +1,32 @@		@@ -0,0 +1,32 @@
	1	+require File.dirname(__FILE__) + '/../../../../test/test_helper'
	2	+require File.dirname(__FILE__) + '/../../../../app/controllers/public/account_controller'
	3	+
	4	+# Re-raise errors caught by the controller.
	5	+class AccountController; def rescue_action(e) raise e end; end
	6	+
	7	+class AccountControllerTest < ActionController::TestCase
	8	+
	9	+ def setup
	10	+ @controller = AccountController.new
	11	+ @request = ActionController::TestRequest.new
	12	+ @response = ActionController::TestResponse.new
	13	+ environment = Environment.default
	14	+ environment.enabled_plugins = ['StoaPlugin']
	15	+ environment.save!
	16	+ @db = Tempfile.new('stoa-test')
	17	+ configs = ActiveRecord::Base.configurations['stoa'] = {:adapter => 'sqlite3', :database => @db.path}
	18	+ end
	19	+
	20	+ should 'fail if confirmation value doesn\'t match' do
	21	+ StoaPlugin::UspUser.stubs(:matches?).returns(false)
	22	+ post :signup, :profile_data => {:usp_id => '87654321'}, :confirmation_field => 'cpf', :confirmation_value => '00000000'
	23	+ assert_not_nil assigns(:person).errors[:usp_id]
	24	+ end
	25	+
	26	+ should 'pass if confirmation value matches' do
	27	+ StoaPlugin::UspUser.stubs(:matches?).returns(true)
	28	+ post :signup, :profile_data => {:usp_id => '87654321'}, :confirmation_field => 'cpf', :confirmation_value => '12345678'
	29	+ assert_nil assigns(:person).errors[:usp_id]
	30	+ end
	31	+
	32	+end
@@ -0,0 +1,74 @@		@@ -0,0 +1,74 @@
	1	+require File.dirname(__FILE__) + '/../../../../test/test_helper'
	2	+require File.dirname(__FILE__) + '/../../controllers/stoa_plugin_controller'
	3	+
	4	+# Re-raise errors caught by the controller.
	5	+class StoaPluginController; def rescue_action(e) raise e end; end
	6	+
	7	+class StoaPluginControllerTest < ActionController::TestCase
	8	+
	9	+ def setup
	10	+ @controller = StoaPluginController.new
	11	+ @request = ActionController::TestRequest.new
	12	+ @response = ActionController::TestResponse.new
	13	+ @user = create_user('real_user', :password => '123456', :password_confirmation => '123456')
	14	+ environment = Environment.default
	15	+ environment.enabled_plugins = ['StoaPlugin']
	16	+ environment.save!
	17	+ @db = Tempfile.new('stoa-test')
	18	+ configs = ActiveRecord::Base.configurations['stoa'] = {:adapter => 'sqlite3', :database => @db.path}
	19	+ end
	20	+
	21	+ attr_accessor :user
	22	+
	23	+ should 'not authenticate if method not post' do
	24	+ @request.stubs(:ssl?).returns(true)
	25	+ get :authenticate, :login => user.login, :password => '123456'
	26	+
	27	+ assert_not_nil json_response['error']
	28	+ assert_match /post method/,json_response['error']
	29	+ end
	30	+
	31	+ should 'not authenticate if request is not using ssl' do
	32	+ @request.stubs(:ssl?).returns(false)
	33	+ post :authenticate, :login => user.login, :password => '123456'
	34	+
	35	+ assert_not_nil json_response['error']
	36	+ assert_match /SSL/,json_response['error']
	37	+ end
	38	+
	39	+ should 'not authenticate if method password is wrong' do
	40	+ @request.stubs(:ssl?).returns(true)
	41	+ post :authenticate, :login => user.login, :password => 'wrong_password'
	42	+
	43	+ assert_not_nil json_response['error']
	44	+ assert_match /password/,json_response['error']
	45	+ end
	46	+
	47	+ should 'authenticate if everything is right' do
	48	+ @request.stubs(:ssl?).returns(true)
	49	+ post :authenticate, :login => user.login, :password => '123456'
	50	+
	51	+ assert_nil json_response['error']
	52	+ assert_equal user.login, json_response['username']
	53	+ end
	54	+
	55	+ should 'check invalid usp id' do
	56	+ StoaPlugin::UspUser.stubs(:exists?).returns(false)
	57	+ get :check_usp_id, :usp_id => '987654321'
	58	+ assert !json_response['exists']
	59	+ end
	60	+
	61	+ should 'check valid usp id' do
	62	+ StoaPlugin::UspUser.stubs(:exists?).returns(true)
	63	+ get :check_usp_id, :usp_id => '987654321'
	64	+ assert json_response['exists']
	65	+ end
	66	+
	67	+ private
	68	+
	69	+ def json_response
	70	+ ActiveSupport::JSON.decode @response.body
	71	+ end
	72	+
	73	+end
	74	+
@@ -0,0 +1,35 @@		@@ -0,0 +1,35 @@
	1	+require File.dirname(__FILE__) + '/../../../../test/test_helper'
	2	+
	3	+class StoaPlugin::UspUserTest < ActiveSupport::TestCase
	4	+
	5	+ SALT=YAML::load(File.open(StoaPlugin.root_path + '/config.yml'))['salt']
	6	+
	7	+ def setup
	8	+ @db = Tempfile.new('stoa-test')
	9	+ configs = ActiveRecord::Base.configurations['stoa'] = {:adapter => 'sqlite3', :database => @db.path}
	10	+ ActiveRecord::Base.establish_connection(:stoa)
	11	+ ActiveRecord::Schema.create_table "pessoa" do \|t\|
	12	+ t.integer "codpes"
	13	+ t.text "numcpf"
	14	+ t.text "numdocidf"
	15	+ end
	16	+ ActiveRecord::Base.establish_connection(:test)
	17	+ StoaPlugin::UspUser.create!(:codpes => 123456, :cpf => Digest::MD5.hexdigest(SALT+'12345678'), :rg => Digest::MD5.hexdigest(SALT+'87654321'))
	18	+ end
	19	+
	20	+ def teardown
	21	+ @db.unlink
	22	+ end
	23	+
	24	+ should 'check existence of usp_id' do
	25	+ assert StoaPlugin::UspUser.exists?(123456)
	26	+ assert !StoaPlugin::UspUser.exists?(654321)
	27	+ end
	28	+
	29	+ should 'check if usp_id matches with a field' do
	30	+ assert StoaPlugin::UspUser.matches?(123456, :cpf, 12345678)
	31	+ assert !StoaPlugin::UspUser.matches?(123456, :cpf, 87654321)
	32	+ assert !StoaPlugin::UspUser.matches?(654321, :cpf, 12345678)
	33	+ end
	34	+end
	35	+