GRN2-155: Begin preparing for removal of Twitter accounts (#615)

* Add twitter deprecation message * Fix rspec test * Extract room switch to its own method * update method name
2019-07-09 13:06:07 -04:00 · 2019-07-09 13:06:07 -04:00 · 40b05b1626
parent a3158b5872
commit 40b05b1626
8 changed files with 180 additions and 49 deletions
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -51,6 +51,10 @@ class SessionsController < ApplicationController
      @auth = request.env['omniauth.auth']
      @user_exists = check_user_exists
      if !@user_exists && @auth['provider'] == "twitter"
        return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
      end
      # If using invitation registration method, make sure user is invited
      return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs
@ -70,6 +74,16 @@ class SessionsController < ApplicationController
                                             invite_registration && !@user_exists
      login(user)
      if @auth['provider'] == "twitter"
        flash[:alert] = if allow_user_signup? && allow_greenlight_accounts?
                          I18n.t("registration.deprecated.twitter_signin",
                            link: signup_path(old_twitter_user_id: user.id))
                        else
                          I18n.t("registration.deprecated.twitter_signin",
                            link: signin_path(old_twitter_user_id: user.id))
                        end
      end
    rescue => e
        logger.error "Error authenticating via omniauth: #{e}"
        omniauth_fail
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -62,6 +62,10 @@ class UsersController < ApplicationController
  # GET /signin
  def signin
    unless params[:old_twitter_user_id].nil? && session[:old_twitter_user_id].nil?
      flash[:alert] = I18n.t("registration.deprecated.new_signin")
      session[:old_twitter_user_id] = params[:old_twitter_user_id] unless params[:old_twitter_user_id].nil?
    end
  end
  # GET /signup
@ -75,6 +79,12 @@ class UsersController < ApplicationController
      session[:invite_token] = params[:invite_token]
    end
    unless params[:old_twitter_user_id].nil? && session[:old_twitter_user_id].nil?
      logout
      flash.now[:alert] = I18n.t("registration.deprecated.new_signin")
      session[:old_twitter_user_id] = params[:old_twitter_user_id] unless params[:old_twitter_user_id].nil?
    end
    @user = User.new
  end
@ -175,7 +185,7 @@ class UsersController < ApplicationController
  end
  def ensure_unauthenticated
-    redirect_to current_user.main_room if current_user
+    redirect_to current_user.main_room if current_user && params[:old_twitter_user_id].nil?
  end
  def user_params
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -33,7 +33,11 @@ module ApplicationHelper
  # Determines which providers can show a login button in the login modal.
  def iconset_providers
-    configured_providers & [:google, :twitter, :microsoft_office365]
+    providers = configured_providers & [:google, :twitter, :microsoft_office365]
    providers.delete(:twitter) if session[:old_twitter_user_id]
    providers
  end
  # Generates the login URL for a specific provider.
--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
@ -19,6 +19,8 @@
 module SessionsHelper
  # Logs a user into GreenLight.
  def login(user)
    migrate_twitter_user(user)
    session[:user_id] = user.id
    # If there are not terms, or the user has accepted them, check for email verification
@ -97,4 +99,24 @@ module SessionsHelper
        hd_opts
      end
  end
  def migrate_twitter_user(user)
    if !session["old_twitter_user_id"].nil? && user.provider != "twitter"
      old_user = User.find(session["old_twitter_user_id"])
      old_user.rooms.each do |room|
        room.owner = user
        room.name = "Old " + room.name if room.id == old_user.main_room.id
        room.save!
      end
      # Query for the old user again so the migrated rooms don't get deleted
      old_user.reload
      old_user.destroy!
      session["old_twitter_user_id"] = nil
    end
  end
 end
--- a/app/views/shared/_flash_messages.html.erb
+++ b/app/views/shared/_flash_messages.html.erb
@ -17,17 +17,17 @@
  <% if key.eql? "success" %>
    <div class="alert alert-success alert-dismissible text-center mb-0">
      <button type="button" class="close" data-dismiss="alert">&times</button>
-      <%= value %>
+      <%= value.html_safe %>
    </div>
  <% elsif key.eql? "alert" %>
    <div class="alert alert-danger alert-dismissible text-center mb-0">
      <button type="button" class="close" data-dismiss="alert">&times</button>
-      <%= value %>
+      <%= value.html_safe %>
    </div>
  <% elsif key.eql? "info" %>
    <div class="alert alert-info alert-dismissible text-center mb-0">
      <button type="button" class="close" data-dismiss="alert">&times</button>
-      <%= value %>
+      <%= value.html_safe %>
    </div>
  <% end %>
 <% end %>
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@ -49,4 +49,6 @@ Rails.application.configure do
  # Use standalone BigBlueButton server.
  config.bigbluebutton_endpoint = config.bigbluebutton_endpoint_default
  config.bigbluebutton_secret = config.bigbluebutton_secret_default
  config.loadbalanced_configuration = false
 end
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -331,6 +331,10 @@ en:
      signup: Your account was successfully created. It has been sent to an administrator for approval.
    banned:
      fail: You do not have access to this application. If you believe this is a mistake, please contact your administrator. 
    deprecated:
      new_signin: Select a new login method for you account. All your rooms from your old account will be migrated to the new account
      twitter_signin: Signing in via Twitter has been deprecated and will be removed in the next release. Click <a href="%{link}"> here </a> to move your account to a new authentication method
      twitter_signup: Sign up via Twitter has been deprecated. Please use a different sign up method
    invite:
      fail: Your token is either invalid or has expired. If you believe this is a mistake, please contact your administrator.
      no_invite: You do not have an invitation to join. Please contact your administrator to receive one.
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@ -156,6 +156,29 @@ describe SessionsController, type: :controller do
      expect(@request.session[:user_id]).to eql(user.id)
      expect(response).to redirect_to(admins_path)
    end
    it "should migrate old rooms from the twitter account to the new user" do
      twitter_user = User.create(name: "Twitter User", email: "user@twitter.com", image: "example.png",
        username: "twitteruser", email_verified: true, provider: 'twitter', social_uid: "twitter-user")
      room = Room.new(name: "Test")
      room.owner = twitter_user
      room.save!
      post :create, params: {
        session: {
          email: @user1.email,
          password: 'example',
        },
      }, session: {
        old_twitter_user_id: twitter_user.id
      }
      @user1.reload
      expect(@user1.rooms.count).to eq(3)
      expect(@user1.rooms.find { |r| r.name == "Old Home Room" }).to_not be_nil
      expect(@user1.rooms.find { |r| r.name == "Test" }).to_not be_nil
    end
  end
  describe "GET/POST #omniauth" do
@ -173,6 +196,18 @@ describe SessionsController, type: :controller do
        },
      )
      OmniAuth.config.mock_auth[:google] = OmniAuth::AuthHash.new(
        provider: "google",
        uid: "google-user",
        info: {
          email: "user@google.com",
          name: "Google User",
          nickname: "googleuser",
          image: "touch.png",
          customer: 'customer1',
        }
      )
      OmniAuth.config.mock_auth[:bn_launcher] = OmniAuth::AuthHash.new(
        provider: "bn_launcher",
        uid: "bn-launcher-user",
@ -190,68 +225,108 @@ describe SessionsController, type: :controller do
      }
    end
-    unless Rails.configuration.omniauth_bn_launcher
+    it "should create and login user with omniauth google" do
-      it "should create and login user with omniauth twitter" do
+      request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:google]
      get :omniauth, params: { provider: :google }
      u = User.last
      expect(u.provider).to eql("google")
      expect(u.email).to eql("user@google.com")
      expect(@request.session[:user_id]).to eql(u.id)
    end
    it "should create and login user with omniauth bn launcher" do
      request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
      get :omniauth, params: { provider: 'bn_launcher' }
      u = User.last
      expect(u.provider).to eql("customer1")
      expect(u.email).to eql("user@google.com")
      expect(@request.session[:user_id]).to eql(u.id)
    end
    it "should redirect to root on invalid omniauth login" do
      request.env["omniauth.auth"] = :invalid_credentials
      get :omniauth, params: { provider: :google }
      expect(response).to redirect_to(root_path)
    end
    it "should not create session without omniauth env set for google" do
      get :omniauth, params: { provider: 'google' }
      expect(response).to redirect_to(root_path)
    end
    context 'twitter deprecation' do
      it "should not allow new user sign up with omniauth twitter" do
        request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:twitter]
        get :omniauth, params: { provider: :twitter }
-        u = User.last
+        expect(response).to redirect_to(root_path)
-        expect(u.provider).to eql("twitter")
+        expect(flash[:alert]).to eq(I18n.t("registration.deprecated.twitter_signup"))
        expect(u.email).to eql("user@twitter.com")
        expect(@request.session[:user_id]).to eql(u.id)
      end
-      it "should create and login user with omniauth bn launcher" do
+      it "should notify twitter users that twitter is deprecated" do
-        request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
+        allow(Rails.configuration).to receive(:allow_user_signup).and_return(true)
-        get :omniauth, params: { provider: 'bn_launcher' }
+        twitter_user = User.create(name: "Twitter User", email: "user@twitter.com", image: "example.png",
          username: "twitteruser", email_verified: true, provider: 'twitter', social_uid: "twitter-user")
-        u = User.last
+        request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:twitter]
        expect(u.provider).to eql("customer1")
        expect(u.email).to eql("user@google.com")
        expect(@request.session[:user_id]).to eql(u.id)
      end
      it "should redirect to root on invalid omniauth login" do
        request.env["omniauth.auth"] = :invalid_credentials
        get :omniauth, params: { provider: :twitter }
-        expect(response).to redirect_to(root_path)
+        expect(flash[:alert]).to eq(I18n.t("registration.deprecated.twitter_signin",
          link: signup_path(old_twitter_user_id: twitter_user.id)))
      end
-      it "should not create session without omniauth env set for google" do
+      it "should migrate rooms from the twitter account to the google account" do
-        get :omniauth, params: { provider: 'google' }
+        twitter_user = User.create(name: "Twitter User", email: "user@twitter.com", image: "example.png",
          username: "twitteruser", email_verified: true, provider: 'twitter', social_uid: "twitter-user")
-        expect(response).to redirect_to(root_path)
+        room = Room.new(name: "Test")
        room.owner = twitter_user
        room.save!
        request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:google]
        get :omniauth, params: { provider: :google }, session: { old_twitter_user_id: twitter_user.id }
        u = User.last
        expect(u.provider).to eql("google")
        expect(u.email).to eql("user@google.com")
        expect(@request.session[:user_id]).to eql(u.id)
        expect(u.rooms.count).to eq(3)
        expect(u.rooms.find { |r| r.name == "Old Home Room" }).to_not be_nil
        expect(u.rooms.find { |r| r.name == "Test" }).to_not be_nil
      end
    end
    context 'registration notification emails' do
      before do
        allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
        @user = create(:user, provider: "greenlight")
        @admin = create(:user, provider: "greenlight", email: "test@example.com")
        @admin.add_role :admin
      end
-      context 'registration notification emails' do
+      it "should notify admin on new user signup with approve/reject registration" do
-        before do
+        allow_any_instance_of(Registrar).to receive(:approval_registration).and_return(true)
          allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
          @user = create(:user, provider: "greenlight")
          @admin = create(:user, provider: "greenlight", email: "test@example.com")
          @admin.add_role :admin
        end
-        it "should notify admin on new user signup with approve/reject registration" do
+        request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
          allow_any_instance_of(Registrar).to receive(:approval_registration).and_return(true)
-          request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
+        expect { get :omniauth, params: { provider: 'bn_launcher' } }
          .to change { ActionMailer::Base.deliveries.count }.by(1)
      end
-          expect { get :omniauth, params: { provider: 'bn_launcher' } }
+      it "should notify admin on new user signup with invite registration" do
-            .to change { ActionMailer::Base.deliveries.count }.by(1)
+        allow_any_instance_of(Registrar).to receive(:invite_registration).and_return(true)
        end
-        it "should notify admin on new user signup with invite registration" do
+        invite = Invitation.create(email: "user@google.com", provider: "greenlight")
-          allow_any_instance_of(Registrar).to receive(:invite_registration).and_return(true)
+        @request.session[:invite_token] = invite.invite_token
-          invite = Invitation.create(email: "user@google.com", provider: "greenlight")
+        request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
          @request.session[:invite_token] = invite.invite_token
-          request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
+        expect { get :omniauth, params: { provider: 'bn_launcher' } }
-
+          .to change { ActionMailer::Base.deliveries.count }.by(1)
          expect { get :omniauth, params: { provider: 'bn_launcher' } }
            .to change { ActionMailer::Base.deliveries.count }.by(1)
        end
      end
    end