Merge pull request #612 from AyuntamientoMadrid/login-uweb

Login en management
2015-10-15 19:19:37 +02:00
parent 31788ff7eb 5203f5c983
commit 32f2680663
16 changed files with 152 additions and 105 deletions
--- a/app/controllers/management/base_controller.rb
+++ b/app/controllers/management/base_controller.rb
@@ -12,7 +12,7 @@ class Management::BaseController < ActionController::Base
    end

    def current_manager
-      @current_manager ||= Manager.find(session["manager_id"]) if session["manager_id"]
+      session["manager"]
    end

    def managed_user
--- a/app/controllers/management/sessions_controller.rb
+++ b/app/controllers/management/sessions_controller.rb
@@ -1,9 +1,11 @@
+require "manager_authenticator"
+
 class Management::SessionsController < ActionController::Base

  def create
    destroy_session
-    if manager = Manager.valid_manager(params[:login], params[:clave_usuario])
-      session["manager_id"] = manager.id
+    if manager = ManagerAuthenticator.new(params).auth
+      session["manager"] = manager
      redirect_to management_root_path
    else
      raise ActionController::RoutingError.new('Not Found')
@@ -18,7 +20,7 @@ class Management::SessionsController < ActionController::Base
  private

    def destroy_session
-      session["manager_id"] = nil
+      session["manager"] = nil
    end

 end
--- a/app/models/manager.rb
+++ b/app/models/manager.rb
@@ -1,12 +0,0 @@
-class Manager < ActiveRecord::Base
-  validates :username, presence: true, uniqueness: true
-  validates :password_digest, presence: true
-
-  has_secure_password
-
-  def self.valid_manager(username = nil, password = nil)
-    return false unless username.present? && password.present?
-    Manager.find_by(username: username).try(:authenticate, password)
-  end
-
-end
--- a/db/migrate/20151015135154_destroy_manager.rb
+++ b/db/migrate/20151015135154_destroy_manager.rb
@@ -0,0 +1,16 @@
+class DestroyManager < ActiveRecord::Migration
+  def self.up
+    drop_table :managers
+  end
+
+  def self.down
+    create_table :managers do |t|
+      t.string :username, null: false
+      t.string :password_digest, null: false
+      t.timestamp :last_login_at
+      t.timestamps
+    end
+
+    add_index :managers, [:username]
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.

-ActiveRecord::Schema.define(version: 20151013145757) do
+ActiveRecord::Schema.define(version: 20151015135154) do

  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
@@ -168,16 +168,6 @@ ActiveRecord::Schema.define(version: 20151013145757) do

  add_index "locks", ["user_id"], name: "index_locks_on_user_id", using: :btree

-  create_table "managers", force: :cascade do |t|
-    t.string   "username",        null: false
-    t.string   "password_digest", null: false
-    t.datetime "last_login_at"
-    t.datetime "created_at"
-    t.datetime "updated_at"
-  end
-
-  add_index "managers", ["username"], name: "index_managers_on_username", using: :btree
-
  create_table "moderators", force: :cascade do |t|
    t.integer "user_id"
  end
--- a/lib/manager_authenticator.rb
+++ b/lib/manager_authenticator.rb
@@ -0,0 +1,44 @@
+class ManagerAuthenticator
+
+  def initialize(data={})
+    @manager = {login: data[:login], user_key: data[:clave_usuario], date: data[:fecha_conexion]}
+  end
+
+  def auth
+    return false unless [@manager[:login], @manager[:user_key], @manager[:date]].all? {|_| _.present?}
+    return @manager if manager_exists? && application_authorized?
+    false
+  end
+
+  private
+
+    def manager_exists?
+      response = client.call(:get_status_user_data, message: { ub: {user_key: @manager[:user_key], date: @manager[:date]} }).body
+      parsed_response = parser.parse((response[:get_status_user_data_response][:get_status_user_data_return]))
+      @manager[:login] == parsed_response["USUARIO"]["LOGIN"]
+    rescue
+      false
+    end
+
+    def application_authorized?
+      response = client.call(:get_applications_user_list, message: { ub: {user_key: @manager[:user_key]} }).body
+      parsed_response = parser.parse((response[:get_applications_user_list_response][:get_applications_user_list_return]))
+      aplication_value = parsed_response["APLICACIONES"]["APLICACION"]
+      # aplication_value from UWEB can be an array of hashes or a hash
+      aplication_value.include?( {"CLAVE_APLICACION" => application_key}) || aplication_value["CLAVE_APLICACION"] == application_key
+    rescue
+      false
+    end
+
+    def client
+      @client ||= Savon.client(wsdl: Rails.application.secrets.managers_url)
+    end
+
+    def parser
+      @parser ||= Nori.new
+    end
+
+    def application_key
+      Rails.application.secrets.managers_application_key.to_s
+    end
+end
--- a/spec/controllers/management/sessions_controller_spec.rb
+++ b/spec/controllers/management/sessions_controller_spec.rb
@@ -2,36 +2,28 @@ require 'rails_helper'

 describe Management::SessionsController do

-  before(:all) do
-    create(:manager, username: "supermanager" , password: "secret")
-  end
-
  describe 'Sign in' do
-    it "should return 404 if not username/password" do
-      expect { get :create }.to raise_error "Not Found"
-    end
-
-    it "should return 404 if wrong username" do
-      expect { get :create, login: "nonexistent" , clave_usuario: "secret" }.to raise_error "Not Found"
-    end
-
-    it "should return 404 if wrong password" do
-      expect { get :create, login: "supermanager" , clave_usuario: "wrong" }.to raise_error "Not Found"
+    it "should return 404 if wrong credentials" do
+      allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false)
+      expect { get :create, login: "nonexistent" , clave_usuario: "wrong"}.to raise_error "Not Found"
    end

    it "should redirect to management root path if right credentials" do
-      get :create, login: "supermanager" , clave_usuario: "secret"
+      manager = {login: "JJB033", user_key: "31415926" , date: "20151031135905"}
+      allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(manager)
+
+      get :create, login: "JJB033" , clave_usuario: "31415926", fecha_conexion: "20151031135905"
      expect(response).to be_redirect
    end
  end

  describe 'Sign out' do
    it "should destroy the session and redirect" do
-      session[:manager_id] = 1
+      session[:manager] = {user_key: "31415926" , date: "20151031135905", login: "JJB033"}

      delete :destroy

-      expect(session[:manager_id]).to be_nil
+      expect(session[:manager]).to be_nil
      expect(response).to be_redirect
    end
  end
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -223,11 +223,6 @@ FactoryGirl.define do
    user
  end

-  factory :manager do
-    sequence(:username) { |n| "manager#{n}" }
-    password            'supersecret'
-  end
-
  factory :organization do
    user
    responsible_name "Johnny Utah"
--- a/spec/features/management/document_verifications_spec.rb
+++ b/spec/features/management/document_verifications_spec.rb
@@ -3,7 +3,7 @@ require 'rails_helper'
 feature 'DocumentVerifications' do

  background do
-    login_as_manager(create(:manager))
+    login_as_manager
  end

  scenario 'Verifying a level 3 user shows an "already verified" page' do
--- a/spec/features/management/email_verifications_spec.rb
+++ b/spec/features/management/email_verifications_spec.rb
@@ -3,7 +3,7 @@ require 'rails_helper'
 feature 'EmailVerifications' do

  scenario 'Verifying a level 1 user via email' do
-    login_as_manager(create(:manager))
+    login_as_manager

    user = create(:user)

--- a/spec/features/management/managed_users_spec.rb
+++ b/spec/features/management/managed_users_spec.rb
@@ -3,7 +3,7 @@ require 'rails_helper'
 feature 'Managed User' do

  background do
-    login_as_manager(create(:manager))
+    login_as_manager
  end

  context "Currently managed user" do
@@ -47,7 +47,7 @@ feature 'Managed User' do
    end

    scenario "User becomes verified as level two (pending email confirmation for level three)" do
-      login_as_manager(create(:manager))
+      login_as_manager

      user = create(:user)

@@ -71,7 +71,7 @@ feature 'Managed User' do
    end

    scenario "User is created as level three from scratch" do
-      login_as_manager(create(:manager))
+      login_as_manager

      visit management_document_verifications_path
      fill_in 'document_verification_document_number', with: '1234'
--- a/spec/features/management/proposals_spec.rb
+++ b/spec/features/management/proposals_spec.rb
@@ -3,8 +3,7 @@ require 'rails_helper'
 feature 'Proposals' do

  background do
-    manager = create(:manager)
-    login_as_manager(manager)
+    login_as_manager
  end

  context "Create" do
--- a/spec/features/management/users_spec.rb
+++ b/spec/features/management/users_spec.rb
@@ -4,7 +4,7 @@ feature 'users' do

  scenario 'Creating a level 3 user from scratch' do

-    login_as_manager(create(:manager))
+    login_as_manager

    visit management_document_verifications_path
    fill_in 'document_verification_document_number', with: '1234'
--- a/spec/lib/manager_authenticator_spec.rb
+++ b/spec/lib/manager_authenticator_spec.rb
@@ -0,0 +1,65 @@
+require 'rails_helper'
+
+describe ManagerAuthenticator do
+  describe 'initialization params' do
+    it 'should cause auth to return false if blank login' do
+      authenticator = ManagerAuthenticator.new({login: "", clave_usuario: "31415926", fecha_conexion: "20151031135905"})
+      expect(authenticator.auth).to be false
+    end
+
+    it 'should cause auth to return false if blank user_key' do
+      authenticator = ManagerAuthenticator.new({login: "JJB033", clave_usuario: "", fecha_conexion: "20151031135905"})
+      expect(authenticator.auth).to be false
+    end
+
+    it 'should cause auth to return false if blank date' do
+      authenticator = ManagerAuthenticator.new({login: "JJB033", clave_usuario: "31415926", fecha_conexion: ""})
+      expect(authenticator.auth).to be false
+    end
+  end
+
+  describe '#auth' do
+    before(:all) do
+      @authenticator = ManagerAuthenticator.new({login: "JJB033", clave_usuario: "31415926", fecha_conexion: "20151031135905"})
+    end
+
+    it 'should return false if not manager_exists' do
+      allow(@authenticator).to receive(:manager_exists?).and_return(false)
+      allow(@authenticator).to receive(:application_authorized?).and_return(true)
+
+      expect(@authenticator.auth).to be false
+    end
+
+    it 'should return false if not application_authorized' do
+      allow(@authenticator).to receive(:manager_exists?).and_return(true)
+      allow(@authenticator).to receive(:application_authorized?).and_return(false)
+
+      expect(@authenticator.auth).to be false
+    end
+
+    it 'should return ok if manager_exists and application_authorized' do
+      allow(@authenticator).to receive(:manager_exists?).and_return(true)
+      allow(@authenticator).to receive(:application_authorized?).and_return(true)
+
+      expect(@authenticator.auth).to be_truthy
+    end
+  end
+
+  describe 'SOAP' do
+    before(:all) do
+      @authenticator = ManagerAuthenticator.new({login: "JJB033", clave_usuario: "31415926", fecha_conexion: "20151031135905"})
+    end
+
+    it 'should call the verification user method' do
+      allow(@authenticator).to receive(:application_authorized?).and_return(true)
+      expect(@authenticator.send(:client)).to receive(:call).with(:get_status_user_data, message: { ub: {user_key: "31415926", date: "20151031135905"} })
+      @authenticator.auth
+    end
+
+    it 'should call the permissions check method' do
+      allow(@authenticator).to receive(:manager_exists?).and_return(true)
+      expect(@authenticator.send(:client)).to receive(:call).with(:get_applications_user_list, message: { ub: {user_key: "31415926"} })
+      @authenticator.auth
+    end
+  end
+end
--- a/spec/models/manager_spec.rb
+++ b/spec/models/manager_spec.rb
@@ -1,46 +0,0 @@
-require 'rails_helper'
-
-describe Manager do
-
-  describe "valid?" do
-
-    let(:manager) { create(:manager) }
-
-    it "is false when username is blank" do
-      manager.username = nil
-      expect(manager).to_not be_valid
-    end
-    it "is false when password is blank" do
-      manager.password_digest = nil
-      expect(manager).to_not be_valid
-    end
-
-    it "is true if username and password present" do
-      expect(manager).to be_valid
-    end
-  end
-
-  describe "self.valid_manager" do
-    before(:all) { create(:manager, username: "Silvia" ,password: "supersecret") }
-
-    it "is false when username is blank" do
-      expect(Manager.valid_manager(nil, "supersecret")).to be_blank
-    end
-    it "is false when password is blank" do
-      expect(Manager.valid_manager("Silvia", nil)).to be_blank
-    end
-
-    it "is false if manager unexistent" do
-      expect(Manager.valid_manager("Manager", "supersecret")).to be_blank
-    end
-
-    it "is false if wrong password unexistent" do
-      expect(Manager.valid_manager("Silvia", "wrong")).to be_blank
-    end
-
-    it "is true if right username/password combination" do
-      expect(Manager.valid_manager("Silvia", "supersecret")).to be_present
-    end
-  end
-
-end
--- a/spec/support/common_actions.rb
+++ b/spec/support/common_actions.rb
@@ -24,8 +24,10 @@ module CommonActions
    click_button 'Log in'
  end

-  def login_as_manager(manager)
-    visit management_sign_in_path(login: manager.username, clave_usuario: manager.password)
+  def login_as_manager
+    login, user_key, date = "JJB042", "31415926", Time.now.strftime("%Y%m%d%H%M%S")
+    allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return({login: login, user_key: user_key, date: date})
+    visit management_sign_in_path(login: login, clave_usuario: user_key, fecha_conexion: date)
  end

  def login_managed_user(user)