lino.jorzick
/
greenlight
forked from External/greenlight
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added mapping roles through email to site settings (#2373)

This commit is contained in:
Ahmad Farhat 2020-12-16 19:31:32 -05:00 committed by GitHub
parent 14350c5f5d
commit 5a51f6d714
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 202 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/assets/javascripts/admins.js
View File

@ -169,6 +169,12 @@ function clearMaintenanceBanner(path) {
$.post(path, {value: "", tab: "administration"}) $.post(path, {value: "", tab: "administration"})
} }
// Change the email mapping to the string provided
function changeEmailMapping(path) {
var url = $("#email-mapping").val()
$.post(path, {value: url, tab: "registration"})
}
function mergeUsers() { function mergeUsers() {
let userToMerge = $("#from-uid").text() let userToMerge = $("#from-uid").text()
$.post($("#merge-save-access").data("path"), {merge: userToMerge}) $.post($("#merge-save-access").data("path"), {merge: userToMerge})

2
app/controllers/account_activations_controller.rb
View File

@ -18,6 +18,7 @@
class AccountActivationsController < ApplicationController class AccountActivationsController < ApplicationController
include Emailer include Emailer
include Authenticator
before_action :ensure_unauthenticated before_action :ensure_unauthenticated
before_action :find_user_by_token, only: :edit before_action :find_user_by_token, only: :edit
@ -32,6 +33,7 @@ class AccountActivationsController < ApplicationController
# If the user exists and is not verified and provided the correct token # If the user exists and is not verified and provided the correct token
if @user && !@user.activated? if @user && !@user.activated?
# Verify user # Verify user
@user.set_role(initial_user_role(@user.email)) if @user.role.nil?
@user.activate @user.activate
# Redirect user to root with account pending flash if account is still pending # Redirect user to root with account pending flash if account is still pending

13
app/controllers/concerns/authenticator.rb
View File

@ -83,6 +83,19 @@ module Authenticator
!allow_greenlight_accounts? !allow_greenlight_accounts?
end end
# Sets the initial user role based on the email mapping
def initial_user_role(email)
mapping = @settings.get_value("Email Mapping")
return "user" unless mapping.present?
mapping.split(",").each do |map|
email_role = map.split("=")
return email_role[1] if email.ends_with?(email_role[0])
end
"user" # default to user if role not found
end
private private
# Migrates all of the twitter users rooms to the new account # Migrates all of the twitter users rooms to the new account

2
app/controllers/sessions_controller.rb
View File

@ -228,7 +228,7 @@ class SessionsController < ApplicationController
send_invite_user_signup_email(user) if invite_registration && !@user_exists send_invite_user_signup_email(user) if invite_registration && !@user_exists
user.set_role :user if !@user_exists && user.role.nil? user.set_role(initial_user_role(user.email)) if !@user_exists && user.role.nil?
login(user) login(user)

2
app/controllers/users_controller.rb
View File

@ -57,7 +57,7 @@ class UsersController < ApplicationController
# Sign in automatically if email verification is disabled or if user is already verified. # Sign in automatically if email verification is disabled or if user is already verified.
if !Rails.configuration.enable_email_verification || @user.email_verified if !Rails.configuration.enable_email_verification || @user.email_verified
@user.set_role :user @user.set_role(initial_user_role(@user.email))
login(@user) && return login(@user) && return
end end

4
app/helpers/admins_helper.rb
View File

@ -121,6 +121,10 @@ module AdminsHelper
@settings.get_value("Room Limit").to_i @settings.get_value("Room Limit").to_i
end end
def email_mapping
@settings.get_value("Email Mapping")
end
# Room Configuration # Room Configuration
def room_configuration_string(name) def room_configuration_string(name)

14
app/views/admins/components/_settings.html.erb
View File

@ -28,15 +28,13 @@
<i class="fas mr-3 fa-tools"></i> <i class="fas mr-3 fa-tools"></i>
<%= t("administrator.site_settings.tabs.settings") %> <%= t("administrator.site_settings.tabs.settings") %>
</a> </a>
<a class="nav-item p-3 nav-link <%= 'active' if @tab == 'registration' %>" href="?tab=registration" role="tab" aria-selected="false">
<i class="far mr-3 fa-newspaper"></i>
<%= t("administrator.site_settings.tabs.registration") %>
</a>
</div> </div>
</nav> </nav>
</div> </div>
<% if @tab == "appearance"%> <%= render "admins/components/site_settings/#{@tab}" %>
<%= render "admins/components/site_settings/appearance" %>
<% elsif @tab == "administration"%>
<%= render "admins/components/site_settings/administration" %>
<% else %>
<%= render "admins/components/site_settings/settings" %>
<% end %>

31
app/views/admins/components/site_settings/_registration.html.erb Normal file
View File

@ -0,0 +1,31 @@
<%
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
%>
<div class="form-group">
<div class="row mb-2">
<div class="col-12">
<div class="form-group">
<label class="form-label"><%= t("administrator.site_settings.email_mapping.title") %></label>
<label class="form-label text-muted"><%= t("administrator.site_settings.email_mapping.info") %></label>
<div class="input-group">
<input id="email-mapping" type="text" class="form-control" value="<%= email_mapping %>">
<span class="input-group-append">
<button id="branding-image" onclick="changeEmailMapping('<%= admin_update_settings_path(setting: 'Email Mapping') %>')" class="btn btn-primary" type="button"><%= t("update") %></button>
</span>
</div>
</div>
</div>
</div>
</div>

5
config/locales/en.yml
View File

@ -69,6 +69,10 @@ en:
regular: Regular regular: Regular
lighten: Lighten lighten: Lighten
darken: Darken darken: Darken
email_mapping:
info: Map the user to a role using their email. Must be in the format email1=role1,email2=role2
title: Role Mapping by Email
update:
log_level: log_level:
title: Log Level title: Log Level
information: Change the Log Level for the entire deployment information: Change the Log Level for the entire deployment
@ -111,6 +115,7 @@ en:
tabs: tabs:
appearance: Appearance appearance: Appearance
administration: Administration administration: Administration
registration: Registration
settings: Settings settings: Settings
title: Site Settings title: Site Settings
flash: flash:

45
spec/controllers/account_activations_controller_spec.rb
View File

@ -79,6 +79,51 @@ describe AccountActivationsController, type: :controller do
expect(flash[:success]).to be_present expect(flash[:success]).to be_present
expect(response).to redirect_to(root_path) expect(response).to redirect_to(root_path)
end end
context "email mapping" do
before do
@role1 = Role.create(name: "role1", priority: 2, provider: "greenlight")
@role2 = Role.create(name: "role2", priority: 3, provider: "greenlight")
allow_any_instance_of(Setting).to receive(:get_value).and_return("-123@test.com=role1,@testing.com=role2")
end
it "correctly sets users role if email mapping is set" do
@user = create(:user, email: "test-123@test.com", email_verified: false, provider: "greenlight", role: nil)
get :edit, params: { token: @user.create_activation_token }
u = User.last
expect(u.role).to eq(@role1)
end
it "correctly sets users role if email mapping is set (second test)" do
@user = create(:user, email: "test@testing.com", email_verified: false, provider: "greenlight", role: nil)
get :edit, params: { token: @user.create_activation_token }
u = User.last
expect(u.role).to eq(@role2)
end
it "does not replace the role if already set" do
pending = Role.find_by(name: "pending", provider: "greenlight")
@user = create(:user, email: "test@testing.com", email_verified: false, provider: "greenlight", role: pending)
get :edit, params: { token: @user.create_activation_token }
u = User.last
expect(u.role).to eq(pending)
end
it "defaults to user if no mapping matches" do
@user = create(:user, email: "test@testing1.com", email_verified: false, provider: "greenlight")
get :edit, params: { token: @user.create_activation_token }
u = User.last
expect(u.role).to eq(Role.find_by(name: "user", provider: "greenlight"))
end
end
end end
describe "GET #resend" do describe "GET #resend" do

47
spec/controllers/sessions_controller_spec.rb
View File

@ -531,6 +531,53 @@ describe SessionsController, type: :controller do
new_u = User.find_by(social_uid: "bn-launcher-user-new") new_u = User.find_by(social_uid: "bn-launcher-user-new")
expect(users_old_uid).to eq(new_u.uid) expect(users_old_uid).to eq(new_u.uid)
end end
context "email mapping" do
before do
@role1 = Role.create(name: "role1", priority: 2, provider: "greenlight")
@role2 = Role.create(name: "role2", priority: 3, provider: "greenlight")
allow_any_instance_of(Setting).to receive(:get_value).and_return("-123@test.com=role1,@testing.com=role2")
end
it "correctly sets users role if email mapping is set" do
params = OmniAuth.config.mock_auth[:google]
params[:info][:email] = "test-123@test.com"
request.env["omniauth.auth"] = params
get :omniauth, params: { provider: :google }
u = User.last
expect(u.role).to eq(@role1)
end
it "correctly sets users role if email mapping is set (second test)" do
params = OmniAuth.config.mock_auth[:google]
params[:info][:email] = "test-123@testing.com"
request.env["omniauth.auth"] = params
get :omniauth, params: { provider: :google }
u = User.last
expect(u.role).to eq(@role2)
end
it "defaults to user if no mapping matches" do
params = OmniAuth.config.mock_auth[:google]
params[:info][:email] = "test@test.com"
request.env["omniauth.auth"] = params
get :omniauth, params: { provider: :google }
u = User.last
expect(u.role).to eq(Role.find_by(name: "user", provider: "greenlight"))
end
end
end end
describe "POST #ldap" do describe "POST #ldap" do

41
spec/controllers/users_controller_spec.rb
View File

@ -148,6 +148,47 @@ describe UsersController, type: :controller do
expect(u.last_login).to_not be_nil expect(u.last_login).to_not be_nil
end end
context "email mapping" do
before do
@role1 = Role.create(name: "role1", priority: 2, provider: "greenlight")
@role2 = Role.create(name: "role2", priority: 3, provider: "greenlight")
allow_any_instance_of(Setting).to receive(:get_value).and_return("-123@test.com=role1,@testing.com=role2")
end
it "correctly sets users role if email mapping is set" do
params = random_valid_user_params
params[:user][:email] = "test-123@test.com"
post :create, params: params
u = User.find_by(name: params[:user][:name], email: params[:user][:email])
expect(u.role).to eq(@role1)
end
it "correctly sets users role if email mapping is set (second test)" do
params = random_valid_user_params
params[:user][:email] = "test@testing.com"
post :create, params: params
u = User.find_by(name: params[:user][:name], email: params[:user][:email])
expect(u.role).to eq(@role2)
end
it "defaults to user if no mapping matches" do
params = random_valid_user_params
params[:user][:email] = "test@testing1.com"
post :create, params: params
u = User.find_by(name: params[:user][:name], email: params[:user][:email])
expect(u.role).to eq(Role.find_by(name: "user", provider: "greenlight"))
end
end
end end
context "disallow greenlight accounts" do context "disallow greenlight accounts" do