GRN-80: Allow local accounts on multitenant (#428)

* Changed the way the omniauth providers are declared

* Allow local authentication for multitenant mode based on customer settings

* Cleanead up code mandated by rubocop

* Completed implementation for signin and added the one for signup

* Fixed issue with rubocop

* Renamed customer_name to lb_user

* Renamed lb_user -> user_domain, fixed issue with signup controller, email verification WAS NOT implemented

* Completed implementation of email_verification

* Fixed rubocop issue

* Final update

* Fix for test with loadbalancer

* Make sure loadbalancer mockup is only used when env defined

* Fix for test on rooms_controller

* Fixed most of the test failing on multitenant env

* Fixed issue detected by rubocop

* Fixed issue with activation tockens not working on resend

* Fixed new issue found by rubocop

* Updated travis script

* Harcoded credentials for mockup

* Updated expectation on start_session

* Fixed issue with duplication of home room

* Updated script for rubocop

* Restored Gemfile

app/controllers/account_activations_controller.rb

@@ -27,7 +27,7 @@ class AccountActivationsController < ApplicationController
 
   # GET /account_activations/edit
   def edit
-    if @user && !@user.email_verified? && @user.authenticated?(:activation, params[:token])
+    if @user && !@user.activated? && @user.authenticated?(:activation, params[:token])
       @user.activate
 
       flash[:success] = I18n.t("verify.activated") + " " + I18n.t("verify.signin")
@@ -40,7 +40,7 @@ class AccountActivationsController < ApplicationController
 
   # GET /account_activations/resend
   def resend
-    if @user.email_verified
+    if @user.activated?
       flash[:alert] = I18n.t("verify.already_verified")
     else
       begin
@@ -67,10 +67,10 @@ class AccountActivationsController < ApplicationController
   end
 
   def email_params
-    params.require(:email).permit(:token)
+    params.require(:email).permit(:email, :token)
   end
 
   def find_user
-    @user = User.find_by!(email: params[:email], provider: "greenlight")
+    @user = User.find_by!(email: params[:email], provider: @user_domain)
   end
 end

app/controllers/application_controller.rb

@@ -23,6 +23,7 @@ class ApplicationController < ActionController::Base
 
   before_action :migration_error?
   before_action :set_locale
+  before_action :set_user_domain
 
   # Force SSL for loadbalancer configurations.
   before_action :redirect_to_https
@@ -68,16 +69,11 @@ class ApplicationController < ActionController::Base
 
   # Determines if the BigBlueButton endpoint is configured (or set to default).
   def bigbluebutton_endpoint_default?
-    return false if loadbalanced_configuration?
+    return false if Rails.configuration.loadbalanced_configuration
     Rails.configuration.bigbluebutton_endpoint_default == Rails.configuration.bigbluebutton_endpoint
   end
   helper_method :bigbluebutton_endpoint_default?
 
-  def loadbalanced_configuration?
-    Rails.configuration.loadbalanced_configuration
-  end
-  helper_method :loadbalanced_configuration?
-
   def recording_thumbnails?
     Rails.configuration.recording_thumbnails
   end
@@ -106,6 +102,17 @@ class ApplicationController < ActionController::Base
   end
 
   def redirect_to_https
-    redirect_to protocol: "https://" if loadbalanced_configuration? && request.headers["X-Forwarded-Proto"] == "http"
+    if Rails.configuration.loadbalanced_configuration && request.headers["X-Forwarded-Proto"] == "http"
+      redirect_to protocol: "https://"
+    end
   end
+
+  def set_user_domain
+    @user_domain = if Rails.env.test? || !Rails.configuration.loadbalanced_configuration
+      "greenlight"
+    else
+      parse_user_domain(request.env["SERVER_NAME"])
+    end
+  end
+  helper_method :set_user_domain
 end

app/controllers/password_resets_controller.rb

@@ -84,7 +84,7 @@ class PasswordResetsController < ApplicationController
 
   # Confirms a valid user.
   def valid_user
-    unless current_user&.email_verified && current_user.authenticated?(:reset, params[:id])
+    unless current_user&.activated? && current_user.authenticated?(:reset, params[:id])
       redirect_to root_url
     end
   end

app/controllers/rooms_controller.rb

@@ -224,12 +224,12 @@ class RoomsController < ApplicationController
 
   def validate_verified_email
     if current_user
-      redirect_to account_activation_path(current_user) unless current_user.email_verified
+      redirect_to account_activation_path(current_user) unless current_user.activated?
     end
   end
 
   def verify_room_owner_verified
-    unless @room.owner.email_verified
+    unless @room.owner.activated?
       flash[:alert] = t("room.unavailable")
 
       if current_user

app/controllers/sessions_controller.rb

@@ -27,18 +27,13 @@ class SessionsController < ApplicationController
 
   # POST /users/login
   def create
-    user = User.find_by(email: session_params[:email])
-    if user && !user.greenlight_account?
-      redirect_to root_path, alert: I18n.t("invalid_login_method")
-    elsif user.try(:authenticate, session_params[:password])
-      if user.email_verified
-        login(user)
-      else
-        redirect_to(account_activation_path(email: user.email)) && return
-      end
-    else
-      redirect_to root_path, alert: I18n.t("invalid_credentials")
-    end
+    user = User.find_by(email: session_params[:email], provider: @user_domain)
+    redirect_to(root_path, alert: I18n.t("invalid_user")) && return unless user
+    redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account?
+    redirect_to(root_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate,
+      session_params[:password])
+    redirect_to(account_activation_path(email: user.email)) && return unless user.activated?
+    login(user)
   end
 
   # GET/POST /auth/:provider/callback

app/controllers/users_controller.rb

@@ -28,40 +28,24 @@ class UsersController < ApplicationController
     return unless Rails.configuration.allow_user_signup
 
     @user = User.new(user_params)
-    @user.provider = "greenlight"
+    @user.provider = @user_domain
 
-    # Check if user already exists
-    if User.exists?(email: user_params[:email], provider: @user.provider)
-      existing_user = User.find_by!(email: user_params[:email], provider: @user.provider)
-      if Rails.configuration.enable_email_verification && !existing_user.email_verified?
-        # User exists but is not verified
-        redirect_to(account_activation_path(email: existing_user.email)) && return
-      else
-        # User already exists and is verified
-        # Attempt to save so that the correct errors appear
-        @user.save
+    # Handle error on user creation.
+    render(:new) && return unless @user.save
 
-        render(:new) && return
-      end
-    elsif Rails.configuration.enable_email_verification && @user.save
-      begin
-        @user.send_activation_email(verification_link)
-      rescue => e
-        logger.error "Error in email delivery: #{e}"
-        flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
-      else
-        flash[:success] = I18n.t("email_sent")
-      end
+    # Sign in automatically if email verification is disabled.
+    login(@user) && return unless Rails.configuration.enable_email_verification
 
-      redirect_to(root_path) && return
-    elsif @user.save
-      # User doesn't exist and email verification is turned off
-      @user.activate
-      login(@user)
+    # Start email verification and redirect to root.
+    begin
+      @user.send_activation_email(verification_link)
+    rescue => e
+      logger.error "Error in email delivery: #{e}"
+      flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
     else
-      # Handle error on user creation.
-      render(:new) && return
+      flash[:success] = I18n.t("email_sent")
     end
+    redirect_to(root_path)
   end
 
   # GET /signup