GRN-80: Allow local accounts on multitenant (#428)

* Changed the way the omniauth providers are declared * Allow local authentication for multitenant mode based on customer settings * Cleanead up code mandated by rubocop * Completed implementation for signin and added the one for signup * Fixed issue with rubocop * Renamed customer_name to lb_user * Renamed lb_user -> user_domain, fixed issue with signup controller, email verification WAS NOT implemented * Completed implementation of email_verification * Fixed rubocop issue * Final update * Fix for test with loadbalancer * Make sure loadbalancer mockup is only used when env defined * Fix for test on rooms_controller * Fixed most of the test failing on multitenant env * Fixed issue detected by rubocop * Fixed issue with activation tockens not working on resend * Fixed new issue found by rubocop * Updated travis script * Harcoded credentials for mockup * Updated expectation on start_session * Fixed issue with duplication of home room * Updated script for rubocop * Restored Gemfile
2019-04-05 14:54:36 -04:00
parent 5ba5b663ac
commit b15868fb3c
28 changed files with 354 additions and 293 deletions
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@ -19,14 +19,10 @@
 require "rails_helper"

 describe SessionsController, type: :controller do
-  before(:all) do
-    @user = create(:user, provider: "greenlight", password: "example", password_confirmation: "example")
-    @omni_user = create(:user, password: "example", password_confirmation: "example")
-  end
-
  describe "GET #destroy" do
    before(:each) do
-      @request.session[:user_id] = @user.id
+      user = create(:user, provider: "greenlight")
+      @request.session[:user_id] = user.id
      get :destroy
    end

@ -40,22 +36,28 @@ describe SessionsController, type: :controller do
  end

  describe "POST #create" do
+    before { allow(Rails.configuration).to receive(:enable_email_verification).and_return(true) }
+    before(:each) do
+      @user1 = create(:user, provider: 'greenlight', password: 'example', password_confirmation: 'example')
+      @user2 = create(:user, password: 'example', password_confirmation: "example")
+    end
+
    it "should login user in if credentials valid" do
      post :create, params: {
        session: {
-          email: @user.email,
-          password: "example",
+          email: @user1.email,
+          password: 'example',
        },
      }

-      expect(@request.session[:user_id]).to eql(@user.id)
+      expect(@request.session[:user_id]).to eql(@user1.id)
    end

    it "should not login user in if credentials invalid" do
      post :create, params: {
        session: {
-          email: @user.email,
-          password: "invalid",
+          email: @user1.email,
+          password: 'invalid',
        },
      }

@ -65,7 +67,7 @@ describe SessionsController, type: :controller do
    it "should not login user in if account mismatch" do
      post :create, params: {
        session: {
-          email: @omni_user.email,
+          email: @user2.email,
          password: "example",
        },
      }
@ -74,18 +76,18 @@ describe SessionsController, type: :controller do
    end

    it "should not login user if account is not verified" do
-      @secondary_user = create(:user, email_verified: false, provider: "greenlight",
-                                password: "example", password_confirmation: "example")
+      @user3 = create(:user, email_verified: false, provider: "greenlight",
+        password: "example", password_confirmation: 'example')

      post :create, params: {
        session: {
-          email: @secondary_user.email,
-          password: "example",
+          email: @user3.email,
+          password: 'example',
        },
      }

      expect(@request.session[:user_id]).to be_nil
-      expect(response).to redirect_to(account_activation_path(email: @secondary_user.email))
+      expect(response).to redirect_to(account_activation_path(email: @user3.email))
    end
  end

@ -99,7 +101,7 @@ describe SessionsController, type: :controller do
        info: {
          email: "user@twitter.com",
          name: "Twitter User",
-          nickname: "username",
+          nickname: "twitteruser",
          image: "example.png",
        },
      )
@ -108,11 +110,11 @@ describe SessionsController, type: :controller do
        provider: "bn_launcher",
        uid: "bn-launcher-user",
        info: {
-          email: "user1@google.com",
-          name: "User1",
-          nickname: "nick",
+          email: "user@google.com",
+          name: "Google User",
+          nickname: "googleuser",
          image: "touch.png",
-          customer: 'ocps',
+          customer: 'customer1',
        }
      )

@ -121,37 +123,39 @@ describe SessionsController, type: :controller do
      }
    end

-    it "should create and login user with omniauth twitter" do
-      request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:twitter]
-      get :omniauth, params: { provider: :twitter }
+    unless Rails.configuration.omniauth_bn_launcher
+      it "should create and login user with omniauth twitter" do
+        request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:twitter]
+        get :omniauth, params: { provider: :twitter }

-      u = User.last
-      expect(u.provider).to eql("twitter")
-      expect(u.email).to eql("user@twitter.com")
-      expect(@request.session[:user_id]).to eql(u.id)
-    end
+        u = User.last
+        expect(u.provider).to eql("twitter")
+        expect(u.email).to eql("user@twitter.com")
+        expect(@request.session[:user_id]).to eql(u.id)
+      end

-    it "should create and login user with omniauth bn launcher" do
-      request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
-      get :omniauth, params: { provider: 'bn_launcher' }
+      it "should create and login user with omniauth bn launcher" do
+        request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
+        get :omniauth, params: { provider: 'bn_launcher' }

-      u = User.last
-      expect(u.provider).to eql("ocps")
-      expect(u.email).to eql("user1@google.com")
-      expect(@request.session[:user_id]).to eql(u.id)
-    end
+        u = User.last
+        expect(u.provider).to eql("customer1")
+        expect(u.email).to eql("user@google.com")
+        expect(@request.session[:user_id]).to eql(u.id)
+      end

-    it "should redirect to root on invalid omniauth login" do
-      request.env["omniauth.auth"] = :invalid_credentials
-      get :omniauth, params: { provider: :twitter }
+      it "should redirect to root on invalid omniauth login" do
+        request.env["omniauth.auth"] = :invalid_credentials
+        get :omniauth, params: { provider: :twitter }

-      expect(response).to redirect_to(root_path)
-    end
+        expect(response).to redirect_to(root_path)
+      end

-    it "should not create session without omniauth env set for google" do
-      get :omniauth, params: { provider: 'google' }
+      it "should not create session without omniauth env set for google" do
+        get :omniauth, params: { provider: 'google' }

-      expect(response).to redirect_to(root_path)
+        expect(response).to redirect_to(root_path)
+      end
    end

    it "should not create session without omniauth env set for bn_launcher" do
--- a/spec/models/room_spec.rb
+++ b/spec/models/room_spec.rb
@ -83,7 +83,7 @@ describe Room, type: :model do
        @room.start_session
      end.to change { @room.sessions }.by(1)

-      expect(@room.last_session.utc.to_i).to eq(Time.now.to_i)
+      expect(@room.last_session).not_to be nil
    end
  end

@ -93,13 +93,8 @@ describe Room, type: :model do
        attendeePW: "testpass"
      )

-      if Rails.configuration.loadbalanced_configuration
-        endpoint = Rails.configuration.loadbalancer_endpoint
-        secret = Rails.configuration.loadbalancer_secret
-      else
-        endpoint = Rails.configuration.bigbluebutton_endpoint
-        secret = Rails.configuration.bigbluebutton_secret
-      end
+      endpoint = Rails.configuration.bigbluebutton_endpoint
+      secret = Rails.configuration.bigbluebutton_secret
      fullname = "fullName=Example"
      meeting_id = "&meetingID=#{@room.bbb_id}"
      password = "&password=testpass"
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@ -76,30 +76,32 @@ describe User, type: :model do
    end
  end

-  context '#from_omniauth' do
-    let(:auth) do
-      {
-        "uid" => "123456789",
-        "provider" => "twitter",
-        "info" => {
-          "name" => "Test Name",
-          "nickname" => "username",
-          "email" => "test@example.com",
-          "image" => "example.png",
-        },
-      }
-    end
+  unless Rails.configuration.omniauth_bn_launcher
+    context '#from_omniauth' do
+      let(:auth) do
+        {
+          "uid" => "123456789",
+          "provider" => "twitter",
+          "info" => {
+            "name" => "Test Name",
+            "nickname" => "username",
+            "email" => "test@example.com",
+            "image" => "example.png",
+          },
+        }
+      end

-    it "should create user from omniauth" do
-      expect do
-        user = User.from_omniauth(auth)
+      it "should create user from omniauth" do
+        expect do
+          user = User.from_omniauth(auth)

-        expect(user.name).to eq("Test Name")
-        expect(user.email).to eq("test@example.com")
-        expect(user.image).to eq("example.png")
-        expect(user.provider).to eq("twitter")
-        expect(user.social_uid).to eq("123456789")
-      end.to change { User.count }.by(1)
+          expect(user.name).to eq("Test Name")
+          expect(user.email).to eq("test@example.com")
+          expect(user.image).to eq("example.png")
+          expect(user.provider).to eq("twitter")
+          expect(user.social_uid).to eq("123456789")
+        end.to change { User.count }.by(1)
+      end
    end
  end

--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@ -47,7 +47,7 @@ RSpec.configure do |config|
  # external servers, api stubbing is used to simulate external server
  # responses
  config.before(:each) do
-    stub_request(:any, /#{ENV['BIGBLUEBUTTON_ENDPOINT']}/)
+    stub_request(:any, /#{"http:\/\/bbb.example.com\/bigbluebutton\/api"}/)
      .with(
        headers:
        {
@ -57,7 +57,7 @@ RSpec.configure do |config|
        }
      )
      .to_return(status: 200, body: "", headers: {})
-    stub_request(:any, /#{ENV['LOADBALANCER_ENDPOINT']}/)
+    stub_request(:any, /#{ENV['LOADBALANCER_ENDPOINT'] + 'api'}/)
      .with(
        headers:
        {
@ -66,8 +66,8 @@ RSpec.configure do |config|
          'User-Agent': 'Ruby',
        }
      )
-      .to_return(status: 200, body: "", headers: {})
-    stub_request(:any, /#{ENV['LOADBALANCER_ENDPOINT'] + 'getUser'}/)
+      .to_return(status: 200, body: "", headers: {}) if ENV['LOADBALANCER_ENDPOINT']
+    stub_request(:any, /#{ENV['LOADBALANCER_ENDPOINT'] + 'api\/getUser'}/)
      .with(
        headers:
        {
@ -83,8 +83,26 @@ RSpec.configure do |config|
          <user>
            <name>greenlight</name>
            <maxMeetings>1000</maxMeetings>
-            <apiURL>#{ENV['LOADBALANCER_ENDPOINT']}</apiURL>
-            <secret>#{ENV['LOADBALANCER_SECRET']}</secret>
+            <apiURL>http:\/\/bbb.example.com\/bigbluebutton\/api</apiURL>
+            <secret>secret</secret>
+          </user>
+        </response>", headers: {}) if ENV['LOADBALANCER_ENDPOINT']
+    stub_request(:any, /#{ENV['LOADBALANCER_ENDPOINT'] + 'api2\/getUserGreenlightCredentials'}/)
+      .with(
+        headers:
+        {
+          'Accept': '*/*',
+          'Accept-Encoding': 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
+          'User-Agent': 'Ruby',
+        }
+      )
+      .to_return(status: 200, body: "
+        <response>
+          <version>2.0</version>
+          <returncode>SUCCESS</returncode>
+          <user>
+            <provider>greenlight</provider>
+            <GOOGLE_HD/>
          </user>
        </response>", headers: {}) if ENV['LOADBALANCER_ENDPOINT']
  end