GRN-80: Allow local accounts on multitenant (#428)

* Changed the way the omniauth providers are declared * Allow local authentication for multitenant mode based on customer settings * Cleanead up code mandated by rubocop * Completed implementation for signin and added the one for signup * Fixed issue with rubocop * Renamed customer_name to lb_user * Renamed lb_user -> user_domain, fixed issue with signup controller, email verification WAS NOT implemented * Completed implementation of email_verification * Fixed rubocop issue * Final update * Fix for test with loadbalancer * Make sure loadbalancer mockup is only used when env defined * Fix for test on rooms_controller * Fixed most of the test failing on multitenant env * Fixed issue detected by rubocop * Fixed issue with activation tockens not working on resend * Fixed new issue found by rubocop * Updated travis script * Harcoded credentials for mockup * Updated expectation on start_session * Fixed issue with duplication of home room * Updated script for rubocop * Restored Gemfile
2019-04-05 14:54:36 -04:00
parent 5ba5b663ac
commit b15868fb3c
28 changed files with 354 additions and 293 deletions
--- a/config/application.rb
+++ b/config/application.rb
@ -48,22 +48,22 @@ module Greenlight
    config.gl_callback_url = ENV["GL_CALLBACK_URL"]

    # Default credentials (test-install.blindsidenetworks.com/bigbluebutton).
-    config.bigbluebutton_endpoint_default = "http://test-install.blindsidenetworks.com/bigbluebutton/api/"
+    config.bigbluebutton_endpoint_default = "http://test-install.blindsidenetworks.com/bigbluebutton/"
    config.bigbluebutton_secret_default = "8cd8ef52e8e101574e400365b55e11a6"

-    # Setup BigBlueButton configuration.
+    # Use standalone BigBlueButton server.
+    config.bigbluebutton_endpoint = ENV["BIGBLUEBUTTON_ENDPOINT"] || config.bigbluebutton_endpoint_default
+    config.bigbluebutton_secret = ENV["BIGBLUEBUTTON_SECRET"] || config.bigbluebutton_secret_default
+
+    # Fix endpoint format if required.
+    config.bigbluebutton_endpoint += "api/" unless config.bigbluebutton_endpoint.ends_with?('api/')
+
    if config.loadbalanced_configuration
-      # Fetch credentials from a loadbalancer based on provider.
+      # Settings for fetching credentials from a loadbalancer based on provider.
      config.loadbalancer_endpoint = ENV["LOADBALANCER_ENDPOINT"]
      config.loadbalancer_secret = ENV["LOADBALANCER_SECRET"]
      config.launcher_secret = ENV["LAUNCHER_SECRET"]
-    else
-      # Use standalone BigBlueButton server.
-      config.bigbluebutton_endpoint = ENV["BIGBLUEBUTTON_ENDPOINT"] || config.bigbluebutton_endpoint_default
-      config.bigbluebutton_secret = ENV["BIGBLUEBUTTON_SECRET"] || config.bigbluebutton_secret_default
-
-      # Fix endpoint format if required.
-      config.bigbluebutton_endpoint += "api/" unless config.bigbluebutton_endpoint.ends_with?('api/')
+      config.launcher_allow_user_signup = ENV["LAUNCHER_ALLOW_GREENLIGHT_ACCOUNTS"]
    end

    # Specify the email address that all mail is sent from
--- a/config/database.yml
+++ b/config/database.yml
@ -10,9 +10,9 @@ development:
 test:
  <<: *default
  adapter: sqlite3
-  database: db/development.sqlite3
+  database: db/test.sqlite3

-# Use sqlite in production by default. Greenlight supports 
+# Use sqlite in production by default. Greenlight supports
 production:
  <<: *default
  adapter: <%= ENV['DB_ADAPTER'] || 'sqlite3' %>
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@ -41,4 +41,12 @@ Rails.application.configure do

  # Raises error for missing translations
  # config.action_view.raise_on_missing_translations = true
+
+  # Default credentials (test-install.blindsidenetworks.com/bigbluebutton).
+  config.bigbluebutton_endpoint_default = 'http://bbb.example.com/bigbluebutton/api/'
+  config.bigbluebutton_secret_default = 'secret'
+
+  # Use standalone BigBlueButton server.
+  config.bigbluebutton_endpoint = config.bigbluebutton_endpoint_default
+  config.bigbluebutton_secret = config.bigbluebutton_secret_default
 end
--- a/config/initializers/application_controller_renderer.rb
+++ b/config/initializers/application_controller_renderer.rb
@ -4,7 +4,7 @@

 # ActiveSupport::Reloader.to_prepare do
 #   ApplicationController.renderer.defaults.merge!(
-#     http_host: 'example.org',
+#     http_host: 'example.com',
 #     https: false
 #   )
 # end
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@ -1,17 +1,17 @@
 # frozen_string_literal: true

 # List of supported Omniauth providers.
-Rails.application.config.providers = [:google, :twitter, :microsoft_office365, :ldap]
+Rails.application.config.providers = []

 # Set which providers are configured.
-Rails.application.config.omniauth_google = ENV['GOOGLE_OAUTH2_ID'].present? && ENV['GOOGLE_OAUTH2_SECRET'].present?
-Rails.application.config.omniauth_twitter = ENV['TWITTER_ID'].present? && ENV['TWITTER_SECRET'].present?
-Rails.application.config.omniauth_microsoft_office365 = ENV['OFFICE365_KEY'].present? &&
-                                                        ENV['OFFICE365_SECRET'].present?
+Rails.application.config.omniauth_bn_launcher = Rails.configuration.loadbalanced_configuration
 Rails.application.config.omniauth_ldap = ENV['LDAP_SERVER'].present? && ENV['LDAP_UID'].present? &&
                                         ENV['LDAP_BASE'].present? && ENV['LDAP_BIND_DN'].present? &&
                                         ENV['LDAP_PASSWORD'].present?
-Rails.application.config.omniauth_bn_launcher = Rails.configuration.loadbalanced_configuration
+Rails.application.config.omniauth_twitter = ENV['TWITTER_ID'].present? && ENV['TWITTER_SECRET'].present?
+Rails.application.config.omniauth_google = ENV['GOOGLE_OAUTH2_ID'].present? && ENV['GOOGLE_OAUTH2_SECRET'].present?
+Rails.application.config.omniauth_microsoft_office365 = ENV['OFFICE365_KEY'].present? &&
+                                                        ENV['OFFICE365_SECRET'].present?

 # If LDAP is enabled, override and disable allow_user_signup.
 Rails.application.config.allow_user_signup = false if Rails.application.config.omniauth_ldap
@ -32,27 +32,39 @@ Rails.application.config.middleware.use OmniAuth::Builder do
      client_secret: ENV['CLIENT_SECRET'],
      client_options: { site: ENV['BN_LAUNCHER_REDIRECT_URI'] },
      setup: SETUP_PROC
+  elsif Rails.configuration.omniauth_ldap
+    Rails.application.config.providers << :ldap
+
+    provider :ldap,
+      host: ENV['LDAP_SERVER'],
+      port: ENV['LDAP_PORT'] || '389',
+      method: ENV['LDAP_METHOD'].blank? ? :plain : ENV['LDAP_METHOD'].to_sym,
+      allow_username_or_email_login: true,
+      uid: ENV['LDAP_UID'],
+      base: ENV['LDAP_BASE'],
+      bind_dn: ENV['LDAP_BIND_DN'],
+      password: ENV['LDAP_PASSWORD']
+  else
+    if Rails.configuration.omniauth_twitter
+      Rails.application.config.providers << :twitter
+
+      provider :twitter, ENV['TWITTER_ID'], ENV['TWITTER_SECRET']
+    end
+    if Rails.configuration.omniauth_google
+      Rails.application.config.providers << :google
+
+      provider :google_oauth2, ENV['GOOGLE_OAUTH2_ID'], ENV['GOOGLE_OAUTH2_SECRET'],
+        scope: %w(profile email),
+        access_type: 'online',
+        name: 'google',
+        setup: SETUP_PROC
+    end
+    if Rails.configuration.omniauth_microsoft_office365
+      Rails.application.config.providers << :microsoft_office365
+
+      provider :microsoft_office365, ENV['OFFICE365_KEY'], ENV['OFFICE365_SECRET']
+    end
  end
-
-  provider :twitter, ENV['TWITTER_ID'], ENV['TWITTER_SECRET']
-
-  provider :google_oauth2, ENV['GOOGLE_OAUTH2_ID'], ENV['GOOGLE_OAUTH2_SECRET'],
-    scope: %w(profile email),
-    access_type: 'online',
-    name: 'google',
-    setup: SETUP_PROC
-
-  provider :microsoft_office365, ENV['OFFICE365_KEY'], ENV['OFFICE365_SECRET']
-
-  provider :ldap,
-    host: ENV['LDAP_SERVER'],
-    port: ENV['LDAP_PORT'] || '389',
-    method: ENV['LDAP_METHOD'].blank? ? :plain : ENV['LDAP_METHOD'].to_sym,
-    allow_username_or_email_login: true,
-    uid: ENV['LDAP_UID'],
-    base: ENV['LDAP_BASE'],
-    bind_dn: ENV['LDAP_BIND_DN'],
-    password: ENV['LDAP_PASSWORD']
 end

 # Redirect back to login in development mode.
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -77,6 +77,7 @@ en:
      signout: Sign out
  home_room: Home Room
  info_update_success: Information successfully updated.
+  invalid_user: Login failed due to user not found. Are you sure the email account is correct?
  invalid_credentials: Login failed due to invalid credentials. Are you sure you entered them correctly?
  invalid_login_method: Login failed due to account mismatch. You need to log in with omniauth.
  invite_message: "To invite someone to the meeting, send them this link:"
--- a/config/routes.rb
+++ b/config/routes.rb
@ -38,7 +38,7 @@ Rails.application.routes.draw do
  scope '/account_activations' do
    get '/', to: 'account_activations#show', as: :account_activation
    get '/edit', to: 'account_activations#edit', as: :edit_account_activation
-    get '/resend', to: 'account_activations#resend', as: :resend_email
+    post '/resend', to: 'account_activations#resend', as: :resend_email
  end

  # User resources.