diff --git a/.gitignore b/.gitignore index f7cc84a..6595d4b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ /.bundle /cookbook/.kitchen /config/database.yml +/config/ldap.yml /config/secrets.yml /coverage /doc @@ -13,3 +14,5 @@ /vendor/bundle /vendor/engines /.yardoc +.bash_history +.irb_history \ No newline at end of file diff --git a/.ruby-version b/.ruby-version index 276cbf9..d9c62ed 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -2.3.0 +3.0.2 \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index ab091b1..41291d9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,10 @@ GitHub Connector CHANGELOG ========================== +v0.2.0 +------ +- Upgrade everything! + v0.1.5 ------ - Upgrade Octokit to latest version [#13] diff --git a/DockerfileLdap b/DockerfileLdap new file mode 100644 index 0000000..49ab02d --- /dev/null +++ b/DockerfileLdap @@ -0,0 +1,5 @@ +FROM osixia/openldap +ENV LDAP_ORGANISATION="Example Org" \ + LDAP_DOMAIN="example.com" + +EXPOSE 3268 3269 diff --git a/DockerfileWeb b/DockerfileWeb new file mode 100644 index 0000000..1b8f621 --- /dev/null +++ b/DockerfileWeb @@ -0,0 +1,16 @@ +FROM ruby:3.0.2 +# https://docs.docker.com/samples/rails/ + +RUN apt-get clean && apt-get update -qq && apt-get install -y libio-socket-inet6-perl postgresql-client +WORKDIR /myapp +COPY . /myapp +RUN bundle install + +# Add a script to be executed every time the container starts. +COPY entrypoint.sh /usr/bin/ +RUN chmod +x /usr/bin/entrypoint.sh +ENTRYPOINT ["entrypoint.sh"] +EXPOSE 5000 + +# Configure the main process to run when running the image +CMD ["rails", "server", "-b", "0.0.0.0"] diff --git a/Gemfile b/Gemfile index 9640c94..b969753 100644 --- a/Gemfile +++ b/Gemfile @@ -1,27 +1,27 @@ source 'https://rubygems.org' -gem 'rails', '~> 4.2.11.1' +gem 'rails' gem 'autoprefixer-rails' gem 'bootstrap-sass' -gem 'coffee-rails', '~> 4.0.0' -gem 'compass-rails' +gem 'coffee-rails' +gem 'compass-rails', '~> 4.0.0' gem 'daemons' gem 'delayed_job_active_record' -gem 'devise', '>= 3.4.0' -gem 'devise_ldap_authenticatable', '> 0.8.1' +gem 'devise' +gem 'devise_ldap_authenticatable' gem 'friendly_id' gem 'font-awesome-rails' gem 'jquery-rails' gem 'oauth2' -gem 'octokit', '> 3.3.1' +gem 'octokit' gem 'pg' gem 'puma' gem 'sanitize' gem 'sass-rails' -gem 'state_machine' +gem 'state_machines-activerecord' gem 'turbolinks' -gem 'uglifier', '>= 1.3.0' +gem 'uglifier' # Add local customizations via rails engines require 'pathname' @@ -35,16 +35,17 @@ end group :development do gem 'foreman' gem 'spring' - gem 'therubyracer' + gem 'mini_racer' gem 'yard' end group :development, :test do gem 'database_cleaner' gem 'rspec-rails' + gem 'rails-controller-testing' end group :test do gem 'simplecov', :require => false - gem 'factory_girl_rails' + gem 'factory_bot' end diff --git a/Gemfile.lock b/Gemfile.lock index 1339107..ffbd93d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,59 +1,82 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (4.2.11.1) - actionpack (= 4.2.11.1) - actionview (= 4.2.11.1) - activejob (= 4.2.11.1) + actioncable (6.1.4.1) + actionpack (= 6.1.4.1) + activesupport (= 6.1.4.1) + nio4r (~> 2.0) + websocket-driver (>= 0.6.1) + actionmailbox (6.1.4.1) + actionpack (= 6.1.4.1) + activejob (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) + mail (>= 2.7.1) + actionmailer (6.1.4.1) + actionpack (= 6.1.4.1) + actionview (= 6.1.4.1) + activejob (= 6.1.4.1) + activesupport (= 6.1.4.1) mail (~> 2.5, >= 2.5.4) - rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.11.1) - actionview (= 4.2.11.1) - activesupport (= 4.2.11.1) - rack (~> 1.6) - rack-test (~> 0.6.2) - rails-dom-testing (~> 1.0, >= 1.0.5) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.11.1) - activesupport (= 4.2.11.1) + rails-dom-testing (~> 2.0) + actionpack (6.1.4.1) + actionview (= 6.1.4.1) + activesupport (= 6.1.4.1) + rack (~> 2.0, >= 2.0.9) + rack-test (>= 0.6.3) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actiontext (6.1.4.1) + actionpack (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) + nokogiri (>= 1.8.5) + actionview (6.1.4.1) + activesupport (= 6.1.4.1) builder (~> 3.1) - erubis (~> 2.7.0) - rails-dom-testing (~> 1.0, >= 1.0.5) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (4.2.11.1) - activesupport (= 4.2.11.1) - globalid (>= 0.3.0) - activemodel (4.2.11.1) - activesupport (= 4.2.11.1) - builder (~> 3.1) - activerecord (4.2.11.1) - activemodel (= 4.2.11.1) - activesupport (= 4.2.11.1) - arel (~> 6.0) - activesupport (4.2.11.1) - i18n (~> 0.7) - minitest (~> 5.1) - thread_safe (~> 0.3, >= 0.3.4) - tzinfo (~> 1.1) - addressable (2.5.2) - public_suffix (>= 2.0.2, < 4.0) - arel (6.0.4) - autoprefixer-rails (6.3.1) - execjs - json - bcrypt (3.1.10) - bootstrap-sass (3.3.6) + erubi (~> 1.4) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (6.1.4.1) + activesupport (= 6.1.4.1) + globalid (>= 0.3.6) + activemodel (6.1.4.1) + activesupport (= 6.1.4.1) + activerecord (6.1.4.1) + activemodel (= 6.1.4.1) + activesupport (= 6.1.4.1) + activestorage (6.1.4.1) + actionpack (= 6.1.4.1) + activejob (= 6.1.4.1) + activerecord (= 6.1.4.1) + activesupport (= 6.1.4.1) + marcel (~> 1.0.0) + mini_mime (>= 1.1.0) + activesupport (6.1.4.1) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + zeitwerk (~> 2.3) + addressable (2.8.0) + public_suffix (>= 2.0.2, < 5.0) + autoprefixer-rails (10.3.3.0) + execjs (~> 2) + bcrypt (3.1.16) + bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) - sass (>= 3.3.4) - builder (3.2.3) - chunky_png (1.3.5) - coffee-rails (4.0.1) + sassc (>= 2.0.0) + builder (3.2.4) + chunky_png (1.4.0) + coffee-rails (5.0.0) coffee-script (>= 2.2.0) - railties (>= 4.0.0, < 5.0) + railties (>= 5.2.0) coffee-script (2.4.1) coffee-script-source execjs - coffee-script-source (1.10.0) + coffee-script-source (1.12.2) compass (1.0.3) chunky_png (~> 1.2) compass-core (~> 1.0.2) @@ -66,215 +89,253 @@ GEM sass (>= 3.3.0, < 3.5) compass-import-once (1.0.5) sass (>= 3.2, < 3.5) - compass-rails (3.0.0) + compass-rails (4.0.0) compass (~> 1.0.0) sass-rails (< 5.1) sprockets (< 4.0) - concurrent-ruby (1.1.5) - crass (1.0.2) - daemons (1.2.3) - database_cleaner (1.5.1) - delayed_job (4.1.1) - activesupport (>= 3.0, < 5.0) - delayed_job_active_record (4.1.0) - activerecord (>= 3.0, < 5) + concurrent-ruby (1.1.9) + crass (1.0.6) + daemons (1.4.1) + database_cleaner (2.0.1) + database_cleaner-active_record (~> 2.0.0) + database_cleaner-active_record (2.0.1) + activerecord (>= 5.a) + database_cleaner-core (~> 2.0.0) + database_cleaner-core (2.0.1) + delayed_job (4.1.9) + activesupport (>= 3.0, < 6.2) + delayed_job_active_record (4.1.6) + activerecord (>= 3.0, < 6.2) delayed_job (>= 3.0, < 5) - devise (3.5.5) + devise (4.8.0) bcrypt (~> 3.0) orm_adapter (~> 0.1) - railties (>= 3.2.6, < 5) + railties (>= 4.1.0) responders - thread_safe (~> 0.1) warden (~> 1.2.3) - devise_ldap_authenticatable (0.8.5) + devise_ldap_authenticatable (0.8.7) devise (>= 3.4.1) - net-ldap (>= 0.6.0, <= 0.11) - diff-lcs (1.2.5) - docile (1.1.5) - erubis (2.7.0) - execjs (2.6.0) - factory_girl (4.5.0) - activesupport (>= 3.0.0) - factory_girl_rails (4.5.0) - factory_girl (~> 4.5.0) - railties (>= 3.0.0) - faraday (0.9.2) + net-ldap (>= 0.16.0) + diff-lcs (1.4.4) + docile (1.4.0) + erubi (1.10.0) + execjs (2.8.1) + factory_bot (6.2.0) + activesupport (>= 5.0.0) + faraday (1.8.0) + faraday-em_http (~> 1.0) + faraday-em_synchrony (~> 1.0) + faraday-excon (~> 1.1) + faraday-httpclient (~> 1.0.1) + faraday-net_http (~> 1.0) + faraday-net_http_persistent (~> 1.1) + faraday-patron (~> 1.0) + faraday-rack (~> 1.0) multipart-post (>= 1.2, < 3) - ffi (1.9.10) - font-awesome-rails (4.5.0.0) - railties (>= 3.2, < 5.0) - foreman (0.78.0) - thor (~> 0.19.1) - friendly_id (5.1.0) + ruby2_keywords (>= 0.0.4) + faraday-em_http (1.0.0) + faraday-em_synchrony (1.0.0) + faraday-excon (1.1.0) + faraday-httpclient (1.0.1) + faraday-net_http (1.0.1) + faraday-net_http_persistent (1.2.0) + faraday-patron (1.0.0) + faraday-rack (1.0.0) + ffi (1.15.4) + font-awesome-rails (4.7.0.7) + railties (>= 3.2, < 7) + foreman (0.87.2) + friendly_id (5.4.2) activerecord (>= 4.0.0) - globalid (0.4.2) - activesupport (>= 4.2.0) - i18n (0.9.5) + globalid (1.0.0) + activesupport (>= 5.0) + i18n (1.8.11) concurrent-ruby (~> 1.0) - jquery-rails (4.1.0) - rails-dom-testing (~> 1.0) + jquery-rails (4.4.0) + rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) - json (1.8.6) - jwt (1.5.1) - libv8 (3.16.14.19) - loofah (2.2.3) + jwt (2.3.0) + libv8-node (16.10.0.0-x86_64-linux) + loofah (2.12.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) - mini_mime (1.0.1) - mini_portile2 (2.4.0) - minitest (5.11.3) - multi_json (1.11.2) - multi_xml (0.5.5) - multipart-post (2.0.0) - net-ldap (0.11) - nokogiri (1.10.1) - mini_portile2 (~> 2.4.0) - nokogumbo (1.4.7) - nokogiri - oauth2 (1.1.0) - faraday (>= 0.8, < 0.10) - jwt (~> 1.0, < 1.5.2) + marcel (1.0.2) + method_source (1.0.0) + mini_mime (1.1.2) + mini_racer (0.5.0) + libv8-node (~> 16.10.0.0) + minitest (5.14.4) + multi_json (1.15.0) + multi_xml (0.6.0) + multipart-post (2.1.1) + net-ldap (0.17.0) + nio4r (2.5.8) + nokogiri (1.12.5-x86_64-linux) + racc (~> 1.4) + oauth2 (1.4.7) + faraday (>= 0.8, < 2.0) + jwt (>= 1.0, < 3.0) multi_json (~> 1.3) multi_xml (~> 0.5) rack (>= 1.2, < 3) - octokit (4.13.0) + octokit (4.21.0) + faraday (>= 0.9) sawyer (~> 0.8.0, >= 0.5.3) orm_adapter (0.5.0) - pg (0.18.4) - public_suffix (3.0.3) - puma (2.16.0) - rack (1.6.11) - rack-test (0.6.3) - rack (>= 1.0) - rails (4.2.11.1) - actionmailer (= 4.2.11.1) - actionpack (= 4.2.11.1) - actionview (= 4.2.11.1) - activejob (= 4.2.11.1) - activemodel (= 4.2.11.1) - activerecord (= 4.2.11.1) - activesupport (= 4.2.11.1) - bundler (>= 1.3.0, < 2.0) - railties (= 4.2.11.1) - sprockets-rails - rails-deprecated_sanitizer (1.0.3) - activesupport (>= 4.2.0.alpha) - rails-dom-testing (1.0.9) - activesupport (>= 4.2.0, < 5.0) - nokogiri (~> 1.6) - rails-deprecated_sanitizer (>= 1.0.1) - rails-html-sanitizer (1.0.4) - loofah (~> 2.2, >= 2.2.2) - railties (4.2.11.1) - actionpack (= 4.2.11.1) - activesupport (= 4.2.11.1) - rake (>= 0.8.7) - thor (>= 0.18.1, < 2.0) - rake (12.3.2) - rb-fsevent (0.9.7) - rb-inotify (0.9.5) - ffi (>= 0.5.0) - ref (2.0.0) - responders (2.1.1) - railties (>= 4.2.0, < 5.1) - rspec-core (3.4.2) - rspec-support (~> 3.4.0) - rspec-expectations (3.4.0) + pg (1.2.3) + public_suffix (4.0.6) + puma (5.5.2) + nio4r (~> 2.0) + racc (1.6.0) + rack (2.2.3) + rack-test (1.1.0) + rack (>= 1.0, < 3) + rails (6.1.4.1) + actioncable (= 6.1.4.1) + actionmailbox (= 6.1.4.1) + actionmailer (= 6.1.4.1) + actionpack (= 6.1.4.1) + actiontext (= 6.1.4.1) + actionview (= 6.1.4.1) + activejob (= 6.1.4.1) + activemodel (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) + bundler (>= 1.15.0) + railties (= 6.1.4.1) + sprockets-rails (>= 2.0.0) + rails-controller-testing (1.0.5) + actionpack (>= 5.0.1.rc1) + actionview (>= 5.0.1.rc1) + activesupport (>= 5.0.1.rc1) + rails-dom-testing (2.0.3) + activesupport (>= 4.2.0) + nokogiri (>= 1.6) + rails-html-sanitizer (1.4.2) + loofah (~> 2.3) + railties (6.1.4.1) + actionpack (= 6.1.4.1) + activesupport (= 6.1.4.1) + method_source + rake (>= 0.13) + thor (~> 1.0) + rake (13.0.6) + rb-fsevent (0.11.0) + rb-inotify (0.10.1) + ffi (~> 1.0) + responders (3.0.1) + actionpack (>= 5.0) + railties (>= 5.0) + rspec-core (3.10.1) + rspec-support (~> 3.10.0) + rspec-expectations (3.10.1) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.4.0) - rspec-mocks (3.4.1) + rspec-support (~> 3.10.0) + rspec-mocks (3.10.2) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.4.0) - rspec-rails (3.4.1) - actionpack (>= 3.0, < 4.3) - activesupport (>= 3.0, < 4.3) - railties (>= 3.0, < 4.3) - rspec-core (~> 3.4.0) - rspec-expectations (~> 3.4.0) - rspec-mocks (~> 3.4.0) - rspec-support (~> 3.4.0) - rspec-support (3.4.1) - sanitize (4.0.1) + rspec-support (~> 3.10.0) + rspec-rails (5.0.2) + actionpack (>= 5.2) + activesupport (>= 5.2) + railties (>= 5.2) + rspec-core (~> 3.10) + rspec-expectations (~> 3.10) + rspec-mocks (~> 3.10) + rspec-support (~> 3.10) + rspec-support (3.10.3) + ruby2_keywords (0.0.5) + sanitize (6.0.0) crass (~> 1.0.2) - nokogiri (>= 1.4.4) - nokogumbo (~> 1.4.1) - sass (3.4.21) - sass-rails (5.0.4) - railties (>= 4.0.0, < 5.0) + nokogiri (>= 1.12.0) + sass (3.4.25) + sass-rails (5.0.8) + railties (>= 5.2.0) sass (~> 3.1) sprockets (>= 2.8, < 4.0) sprockets-rails (>= 2.0, < 4.0) tilt (>= 1.1, < 3) - sawyer (0.8.1) - addressable (>= 2.3.5, < 2.6) - faraday (~> 0.8, < 1.0) - simplecov (0.11.1) - docile (~> 1.1.0) - json (~> 1.8) - simplecov-html (~> 0.10.0) - simplecov-html (0.10.0) - spring (1.6.2) + sassc (2.4.0) + ffi (~> 1.9) + sawyer (0.8.2) + addressable (>= 2.3.5) + faraday (> 0.8, < 2.0) + simplecov (0.21.2) + docile (~> 1.1) + simplecov-html (~> 0.11) + simplecov_json_formatter (~> 0.1) + simplecov-html (0.12.3) + simplecov_json_formatter (0.1.3) + spring (3.1.1) sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.1) - actionpack (>= 4.0) - activesupport (>= 4.0) + sprockets-rails (3.4.1) + actionpack (>= 5.2) + activesupport (>= 5.2) sprockets (>= 3.0.0) - state_machine (1.2.0) - therubyracer (0.12.2) - libv8 (~> 3.16.14.0) - ref - thor (0.19.4) - thread_safe (0.3.6) - tilt (2.0.2) - turbolinks (2.5.3) - coffee-rails - tzinfo (1.2.5) - thread_safe (~> 0.1) - uglifier (2.7.2) - execjs (>= 0.3.0) - json (>= 1.8.0) - warden (1.2.5) - rack (>= 1.0) - yard (0.8.7.6) + state_machines (0.5.0) + state_machines-activemodel (0.8.0) + activemodel (>= 5.1) + state_machines (>= 0.5.0) + state_machines-activerecord (0.8.0) + activerecord (>= 5.1) + state_machines-activemodel (>= 0.8.0) + thor (1.1.0) + tilt (2.0.10) + turbolinks (5.2.1) + turbolinks-source (~> 5.2) + turbolinks-source (5.2.0) + tzinfo (2.0.4) + concurrent-ruby (~> 1.0) + uglifier (4.2.0) + execjs (>= 0.3.0, < 3) + warden (1.2.9) + rack (>= 2.0.9) + websocket-driver (0.7.5) + websocket-extensions (>= 0.1.0) + websocket-extensions (0.1.5) + yard (0.9.26) + zeitwerk (2.5.1) PLATFORMS - ruby + x86_64-darwin-19 + x86_64-linux DEPENDENCIES autoprefixer-rails bootstrap-sass - coffee-rails (~> 4.0.0) - compass-rails + coffee-rails + compass-rails (~> 4.0.0) daemons database_cleaner delayed_job_active_record - devise (>= 3.4.0) - devise_ldap_authenticatable (> 0.8.1) - factory_girl_rails + devise + devise_ldap_authenticatable + factory_bot font-awesome-rails foreman friendly_id jquery-rails + mini_racer oauth2 - octokit (> 3.3.1) + octokit pg puma - rails (~> 4.2.11.1) + rails + rails-controller-testing rspec-rails sanitize sass-rails simplecov spring - state_machine - therubyracer + state_machines-activerecord turbolinks - uglifier (>= 1.3.0) + uglifier yard BUNDLED WITH - 1.16.2 + 2.2.22 diff --git a/Notes b/Notes new file mode 100644 index 0000000..764f949 --- /dev/null +++ b/Notes @@ -0,0 +1,33 @@ +Notes +======= +https://docs.docker.com/samples/rails/ +https://betterprogramming.pub/ldap-docker-image-with-populated-users-3a5b4d090aa4 + +# Config +- Copy / Rename config/database.yml.docker to config/database.yml +- Copy / Rename config/secrets.yml.example to config/secrets.yml +- Copy / Rename config/ldap.yml.docker to config/ldap.yml + +# Start the services +docker-compose run --no-deps web rails new . --force --database=postgresql + +docker-compose build + +docker-compose up + +# Populate the Postgres DB +docker-compose run web rake db:create db:migrate + +# Populate the LDAP server +docker exec -it github-connector_ldap_1 /bin/sh + +ldapsearch -x -H ldap://localhost -D 'cn=admin,dc=example,dc=com' -b dc=example,dc=com -w test1234 + +ldapadd -x -H ldap://localhost -D 'cn=admin,dc=example,dc=com' -w test1234 -f /container/service/slapd/assets/config/bootstrap/ldif/base.ldif + +Todo +======= +Write script to fire all this up locally +Test and make sure can test this correctly locally +Package all together and push to a branch +Discuss next steps - ges account? diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index f0164de..fb3342b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,6 +1,10 @@ class ApplicationController < ActionController::Base rescue_from DeviseLdapAuthenticatable::LdapException do |exception| render :text => exception, :status => 500 + # respond_to do |format| + # format.html { render status: 500, text: exception } + # format.json { render status: 500, text: exception } + # end end # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. @@ -20,6 +24,10 @@ def check_configured def require_admin return true if current_user.admin? render :status => :forbidden, :text => 'Forbidden' + # respond_to do |format| + # format.html { render status: :forbidden, text: 'Forbidden' } + # format.json { render status: :forbidden, text: 'Forbidden' } + # end false end diff --git a/app/controllers/concerns/settings_mixin.rb b/app/controllers/concerns/settings_mixin.rb index 0e5574b..33ac172 100644 --- a/app/controllers/concerns/settings_mixin.rb +++ b/app/controllers/concerns/settings_mixin.rb @@ -4,7 +4,7 @@ module SettingsMixin PASSWORD_PLACEHOLDER = '|||PWPLACEHOLDER|||' included do - before_filter :load_settings + before_action :load_settings end def scrub_password(key) diff --git a/app/controllers/concerns/setup_mixin.rb b/app/controllers/concerns/setup_mixin.rb index 478a7b9..ea43451 100644 --- a/app/controllers/concerns/setup_mixin.rb +++ b/app/controllers/concerns/setup_mixin.rb @@ -2,8 +2,8 @@ module SetupMixin extend ActiveSupport::Concern included do - skip_before_filter :authenticate_user! - before_filter :check_configured + skip_before_action :authenticate_user! + before_action :check_configured end private diff --git a/app/controllers/connect_controller.rb b/app/controllers/connect_controller.rb index 44d2a1c..09fe186 100644 --- a/app/controllers/connect_controller.rb +++ b/app/controllers/connect_controller.rb @@ -2,7 +2,7 @@ class ConnectController < ApplicationController include GithubOauthConcern - before_filter :load_connect_status, only: [:status] + before_action :load_connect_status, only: [:status] def index @connect_status = ConnectGithubUserStatus.new( @@ -48,11 +48,13 @@ def oauth_redirect_uri def load_connect_status @connect_status = ConnectGithubUserStatus.find(params[:id]) - if @connect_status.user_id != current_user.id - render :status => :forbidden, :text => 'Forbidden' - return false - end + return true unless @connect_status.user_id != current_user.id - true + # respond_to do |format| + # format.html #{ render status: :forbidden, text: 'Forbidden' } + # format.html { render :index, status: :forbidden, text: 'Forbidden' } + # end + render :index, status: :forbidden, text: 'Forbidden' + false end end diff --git a/app/controllers/github_users_controller.rb b/app/controllers/github_users_controller.rb index 65b9dc9..0a9fca7 100644 --- a/app/controllers/github_users_controller.rb +++ b/app/controllers/github_users_controller.rb @@ -1,6 +1,6 @@ class GithubUsersController < ApplicationController - before_filter :load_github_user, except: [:index] - before_filter :require_admin + before_action :load_github_user, except: [:index] + before_action :require_admin def index # TODO: Pagination diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb index a02b8b9..df6060a 100644 --- a/app/controllers/settings_controller.rb +++ b/app/controllers/settings_controller.rb @@ -2,8 +2,8 @@ class SettingsController < ApplicationController include SettingsMixin include GithubOauthConcern include GithubSettingsMixin - before_filter :require_admin - before_filter :set_section_partials + before_action :require_admin + before_action :set_section_partials def edit end diff --git a/app/controllers/setup/admin_user_controller.rb b/app/controllers/setup/admin_user_controller.rb index bc7d511..a1356aa 100644 --- a/app/controllers/setup/admin_user_controller.rb +++ b/app/controllers/setup/admin_user_controller.rb @@ -1,6 +1,6 @@ class Setup::AdminUserController < Devise::SessionsController include SetupMixin - prepend_before_filter :sign_out_if_signed_in, only: [:new] + prepend_before_action :sign_out_if_signed_in, only: [:new] def create super do |resource| diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index b057f6f..83b6276 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,7 +1,7 @@ class UsersController < ApplicationController - before_filter :load_user, except: [:index] - before_filter :require_admin, except: [:show] - before_filter :require_admin_or_user, only: [:show] + before_action :load_user, except: [:index] + before_action :require_admin, except: [:show] + before_action :require_admin_or_user, only: [:show] def index # TODO: Pagination diff --git a/app/jobs/connect_github_user_job.rb b/app/jobs/connect_github_user_job.rb index 01f65de..153cccf 100644 --- a/app/jobs/connect_github_user_job.rb +++ b/app/jobs/connect_github_user_job.rb @@ -5,7 +5,7 @@ class ConnectGithubUserJob < ActiveJob::Base def perform(connect_status) @connect_status = connect_status - @connect_status.update_attributes!( + @connect_status.update!( status: :running, step: :grant ) @@ -15,21 +15,21 @@ def perform(connect_status) @github_user = oauth_process_auth_code rescue OAuth2::Error => e Rails.logger.warn "Cannot establish OAuth token: #{e.message}" - @connect_status.update_attributes!( + @connect_status.update!( status: :error, error_message: e.description ) return end - @connect_status.update_attributes!( + @connect_status.update!( step: :add, github_user: @github_user ) # Add to organizations unless @github_user.add_to_organizations - @connect_status.update_attributes!( + @connect_status.update!( status: :error ) return @@ -39,14 +39,14 @@ def perform(connect_status) @github_user.enable if @github_user.can_enable? # Mark complete - @connect_status.update_attributes!( + @connect_status.update!( status: :complete, step: :teams ) rescue => e Rails.logger.error "Error running ConnectGithubUserJob: #{e}\n\t#{e.backtrace.join("\n\t")}" - @connect_status.update_attributes!( + @connect_status.update!( status: :error, error_message: e.message ) diff --git a/app/models/concerns/encryptable.rb b/app/models/concerns/encryptable.rb index 409b1ce..663633c 100644 --- a/app/models/concerns/encryptable.rb +++ b/app/models/concerns/encryptable.rb @@ -19,7 +19,7 @@ def crypt @crypt ||= begin salt = ENV[ENCRYPTED_DATABASE_SALT] || '' key_generator = ActiveSupport::KeyGenerator.new(Rails.application.secrets.database_key, iterations: 2000) - key = key_generator.generate_key(salt) + key = key_generator.generate_key(salt, 32) ActiveSupport::MessageEncryptor.new(key) end end diff --git a/app/models/github_user.rb b/app/models/github_user.rb index 508ea35..b118e53 100644 --- a/app/models/github_user.rb +++ b/app/models/github_user.rb @@ -84,7 +84,7 @@ def add_to_organizations orgs.each do |org| unless github_admin.octokit.organization_member?(org, login) Rails.logger.info "Adding #{login} to organization #{org}." - team = GithubTeam.find_by_full_slug("#{org}/#{check_mfa_team}") + team = GithubTeam.find_by_full_slug("#{org}/#{check_mfa_team}") raise "Adding #{login} to organization #{org}." \ "\nCannot find the team '#{check_mfa_team}' for #{org}" unless team @@ -371,8 +371,8 @@ def sync # Save results transaction do # Force associations reload just in case - emails(true) - org_memberships(true) + emails.reload + org_memberships.reload # Remove old email addresses removed = emails.select do |email| diff --git a/app/models/user.rb b/app/models/user.rb index 8f6fa57..dcefa2a 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -146,7 +146,7 @@ def sync_from_ldap self.ldap_sync_error = nil self.department = ldap_get_single_param('department') save - rescue Net::LDAP::LdapError, Net::LDAP::PDU::Error => e + rescue Net::LDAP::Error, Net::LDAP::PDU::Error => e Rails.logger.error "Error syncing #{username} with Active Directory: #{e}" self.ldap_sync_error = e.message return save @@ -164,12 +164,16 @@ def sync_from_ldap! private + class << self + alias_method :find_for_ldap_authentication_without_normalize, :find_for_ldap_authentication + end + # Finds the User using the normalized ldap username. # # @param attributes [Hash] Devise attributes # @return User # @see normalize_ldap_username - def self.find_for_ldap_authentication_with_normalize(attributes={}) + def self.find_for_ldap_authentication(attributes={}) auth_key = self.authentication_keys.first return nil unless attributes[auth_key].present? @@ -216,8 +220,4 @@ def self.normalize_ldap_username(username) username = username.first if username.is_a?(Enumerable) username end - - class << self - alias_method_chain :find_for_ldap_authentication, :normalize - end -end \ No newline at end of file +end diff --git a/bin/rails b/bin/rails index 728cd85..6fb4e40 100755 --- a/bin/rails +++ b/bin/rails @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -APP_PATH = File.expand_path('../../config/application', __FILE__) -require_relative '../config/boot' -require 'rails/commands' +APP_PATH = File.expand_path('../config/application', __dir__) +require_relative "../config/boot" +require "rails/commands" diff --git a/bin/rake b/bin/rake index 1724048..4fbf10b 100755 --- a/bin/rake +++ b/bin/rake @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -require_relative '../config/boot' -require 'rake' +require_relative "../config/boot" +require "rake" Rake.application.run diff --git a/bin/setup b/bin/setup index acdb2c1..5792302 100755 --- a/bin/setup +++ b/bin/setup @@ -1,29 +1,33 @@ #!/usr/bin/env ruby -require 'pathname' +require "fileutils" # path to your application root. -APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) +APP_ROOT = File.expand_path('..', __dir__) -Dir.chdir APP_ROOT do - # This script is a starting point to setup your application. - # Add necessary setup steps to this file: +def system!(*args) + system(*args) || abort("\n== Command #{args} failed ==") +end + +FileUtils.chdir APP_ROOT do + # This script is a way to set up or update your development environment automatically. + # This script is idempotent, so that you can run it at any time and get an expectable outcome. + # Add necessary setup steps to this file. - puts "== Installing dependencies ==" - system "gem install bundler --conservative" - system "bundle check || bundle install" + puts '== Installing dependencies ==' + system! 'gem install bundler --conservative' + system('bundle check') || system!('bundle install') # puts "\n== Copying sample files ==" - # unless File.exist?("config/database.yml") - # system "cp config/database.yml.sample config/database.yml" + # unless File.exist?('config/database.yml') + # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' # end puts "\n== Preparing database ==" - system "bin/rake db:setup" + system! 'bin/rails db:prepare' puts "\n== Removing old logs and tempfiles ==" - system "rm -f log/*" - system "rm -rf tmp/cache" + system! 'bin/rails log:clear tmp:clear' puts "\n== Restarting application server ==" - system "touch tmp/restart.txt" + system! 'bin/rails restart' end diff --git a/bin/spring b/bin/spring deleted file mode 100755 index 253ec37..0000000 --- a/bin/spring +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/env ruby - -# This file loads spring without using Bundler, in order to be fast -# It gets overwritten when you run the `spring binstub` command - -unless defined?(Spring) - require "rubygems" - require "bundler" - - if match = Bundler.default_lockfile.read.match(/^GEM$.*?^ spring \((.*?)\)$.*?^$/m) - ENV["GEM_PATH"] = ([Bundler.bundle_path.to_s] + Gem.path).join(File::PATH_SEPARATOR) - ENV["GEM_HOME"] = "" - Gem.paths = ENV - - gem "spring", match[1] - require "spring/binstub" - end -end diff --git a/config/application.rb b/config/application.rb index 1d42f7a..08ab8ac 100644 --- a/config/application.rb +++ b/config/application.rb @@ -20,9 +20,6 @@ class Application < Rails::Application # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s] # config.i18n.default_locale = :de - # For not swallow errors in after_commit/after_rollback callbacks. - config.active_record.raise_in_transactional_callbacks = true - config.active_job.queue_adapter = :delayed_job config.autoload_paths << Rails.root.join('lib') diff --git a/config/database.yml.docker b/config/database.yml.docker new file mode 100644 index 0000000..f95348f --- /dev/null +++ b/config/database.yml.docker @@ -0,0 +1,18 @@ +development: &default + adapter: postgresql + database: github_connector + pool: 5 + timeout: 5 + host: db + username: postgres + password: password + +production: + <<: *default + +# Warning: The database defined as "test" will be erased and +# re-generated from your development database when you run "rake". +# Do not set this db to the same as development or production. +test: + <<: *default + database: github_connector_test diff --git a/config/initializers/action_mailer.rb b/config/initializers/action_mailer.rb index 2396221..7ccb091 100644 --- a/config/initializers/action_mailer.rb +++ b/config/initializers/action_mailer.rb @@ -7,7 +7,7 @@ def initialize_with_config(*args) Rails.application.settings.apply_to_action_mailer initialize_without_config(*args) end - alias_method_chain :initialize, :config + alias_method :initialize, :config end end diff --git a/config/initializers/state_machine_patch.rb b/config/initializers/state_machine_patch.rb deleted file mode 100644 index 2d1b701..0000000 --- a/config/initializers/state_machine_patch.rb +++ /dev/null @@ -1,26 +0,0 @@ -# The state_machine gem doesn't support Rails 4.1 out of the box. -# This patches stuff to work. -# -# See: https://github.com/pluginaweek/state_machine/issues/251 -module StateMachine - module Integrations - module ActiveModel - public :around_validation - end - - module ActiveRecord - public :around_save - end - end -end -module StateMachine - module Integrations - module ActiveModel - public :around_validation - end - - module ActiveRecord - public :around_save - end - end -end diff --git a/config/ldap.yml.docker b/config/ldap.yml.docker new file mode 100644 index 0000000..56ae51e --- /dev/null +++ b/config/ldap.yml.docker @@ -0,0 +1,8 @@ +development: + host: localhost + port: 389 + attribute: cn + base: dc=example,dc=com + admin_user: cn=admin,dc=example,dc=com + admin_password: test1234 + ssl: none diff --git a/cookbook/attributes/default.rb b/cookbook/attributes/default.rb index 9931afa..a916ee3 100644 --- a/cookbook/attributes/default.rb +++ b/cookbook/attributes/default.rb @@ -3,7 +3,7 @@ default['github_connector']['install_dir'] = '/var/www/github-connector' default['github_connector']['repo']['url'] = 'https://github.com/rapid7/github-connector.git' -default['github_connector']['repo']['revision'] = 'v0.1.5' +default['github_connector']['repo']['revision'] = 'v0.2.0' # The secrets databag can contain the following keys: # * database_password diff --git a/cookbook/attributes/ruby.rb b/cookbook/attributes/ruby.rb index 24cef0e..01761d0 100644 --- a/cookbook/attributes/ruby.rb +++ b/cookbook/attributes/ruby.rb @@ -1,8 +1,8 @@ -default['github_connector']['ruby_version'] = 'ruby-2.3.0' +default['github_connector']['ruby_version'] = 'ruby-3.0.2' default['github_connector']['ruby_gemset'] = 'github-connector' default['github_connector']['rvm_alias'] = 'github-connector' -default['rvm']['version'] = '1.26.11' +default['rvm']['version'] = '1.29.12' default['rvm']['user_rubies'] = [node['github_connector']['ruby_version']] default['rvm']['user_default_ruby'] = node['github_connector']['ruby_version'] default['rvm']['user_autolibs'] = 'read-fail' diff --git a/cookbook/metadata.rb b/cookbook/metadata.rb index 5278ec4..c344878 100644 --- a/cookbook/metadata.rb +++ b/cookbook/metadata.rb @@ -6,7 +6,7 @@ long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) source_url "https://github.com/rapid7/github-connector/tree/master/cookbook" issues_url "https://github.com/rapid7/github-connector/issues" -version "0.1.7" +version "0.2.0" supports 'ubuntu' diff --git a/db/migrate/20140619160007_devise_create_users.rb b/db/migrate/20140619160007_devise_create_users.rb index dce05ca..0dec0cf 100644 --- a/db/migrate/20140619160007_devise_create_users.rb +++ b/db/migrate/20140619160007_devise_create_users.rb @@ -1,4 +1,4 @@ -class DeviseCreateUsers < ActiveRecord::Migration +class DeviseCreateUsers < ActiveRecord::Migration[4.2] def change create_table(:users) do |t| ## LDAP authenticatable diff --git a/db/migrate/20140624041139_add_github_attrs_to_user.rb b/db/migrate/20140624041139_add_github_attrs_to_user.rb index 420cf87..9db4b60 100644 --- a/db/migrate/20140624041139_add_github_attrs_to_user.rb +++ b/db/migrate/20140624041139_add_github_attrs_to_user.rb @@ -1,4 +1,4 @@ -class AddGithubAttrsToUser < ActiveRecord::Migration +class AddGithubAttrsToUser < ActiveRecord::Migration[4.2] def change add_column :users, :encrypted_github_token, :string add_column :users, :github_login, :string diff --git a/db/migrate/20140626181353_create_settings.rb b/db/migrate/20140626181353_create_settings.rb index d66d386..6f931c5 100644 --- a/db/migrate/20140626181353_create_settings.rb +++ b/db/migrate/20140626181353_create_settings.rb @@ -1,4 +1,4 @@ -class CreateSettings < ActiveRecord::Migration +class CreateSettings < ActiveRecord::Migration[4.2] def change create_table :settings do |t| t.string :key diff --git a/db/migrate/20140708224056_create_emails.rb b/db/migrate/20140708224056_create_emails.rb index 86fddd1..ef743fe 100644 --- a/db/migrate/20140708224056_create_emails.rb +++ b/db/migrate/20140708224056_create_emails.rb @@ -1,4 +1,4 @@ -class CreateEmails < ActiveRecord::Migration +class CreateEmails < ActiveRecord::Migration[4.2] def change create_table :emails do |t| t.references :user, index: true diff --git a/db/migrate/20140709045852_add_last_sync_to_user.rb b/db/migrate/20140709045852_add_last_sync_to_user.rb index 6d3cd74..b489d1d 100644 --- a/db/migrate/20140709045852_add_last_sync_to_user.rb +++ b/db/migrate/20140709045852_add_last_sync_to_user.rb @@ -1,4 +1,4 @@ -class AddLastSyncToUser < ActiveRecord::Migration +class AddLastSyncToUser < ActiveRecord::Migration[4.2] def change add_column :users, :last_ldap_sync, :datetime add_column :users, :last_github_sync, :datetime diff --git a/db/migrate/20140709191104_add_state_attrs_to_user.rb b/db/migrate/20140709191104_add_state_attrs_to_user.rb index 3655cbe..826b1c5 100644 --- a/db/migrate/20140709191104_add_state_attrs_to_user.rb +++ b/db/migrate/20140709191104_add_state_attrs_to_user.rb @@ -1,4 +1,4 @@ -class AddStateAttrsToUser < ActiveRecord::Migration +class AddStateAttrsToUser < ActiveRecord::Migration[4.2] def change add_column :users, :state, :string, null: false, default: :unknown add_column :users, :ldap_account_control, :integer diff --git a/db/migrate/20140714210644_add_sync_errors_to_user.rb b/db/migrate/20140714210644_add_sync_errors_to_user.rb index 2931886..2e55759 100644 --- a/db/migrate/20140714210644_add_sync_errors_to_user.rb +++ b/db/migrate/20140714210644_add_sync_errors_to_user.rb @@ -1,4 +1,4 @@ -class AddSyncErrorsToUser < ActiveRecord::Migration +class AddSyncErrorsToUser < ActiveRecord::Migration[4.2] def change add_column :users, :github_sync_error, :string add_column :users, :github_sync_error_at, :datetime diff --git a/db/migrate/20140722192112_add_github_teams.rb b/db/migrate/20140722192112_add_github_teams.rb index 61cede3..f33a22d 100644 --- a/db/migrate/20140722192112_add_github_teams.rb +++ b/db/migrate/20140722192112_add_github_teams.rb @@ -1,4 +1,4 @@ -class AddGithubTeams < ActiveRecord::Migration +class AddGithubTeams < ActiveRecord::Migration[4.2] def change create_table(:teams) do |t| t.string :slug diff --git a/db/migrate/20140724141457_refactor_github_tables.rb b/db/migrate/20140724141457_refactor_github_tables.rb index d574e9a..f5cff9f 100644 --- a/db/migrate/20140724141457_refactor_github_tables.rb +++ b/db/migrate/20140724141457_refactor_github_tables.rb @@ -1,4 +1,4 @@ -class RefactorGithubTables < ActiveRecord::Migration +class RefactorGithubTables < ActiveRecord::Migration[4.2] def change rename_table :teams, :github_teams rename_table :user_teams, :github_user_teams diff --git a/db/migrate/20140726214806_move_state_to_github_user.rb b/db/migrate/20140726214806_move_state_to_github_user.rb index 0a9766d..bb1a845 100644 --- a/db/migrate/20140726214806_move_state_to_github_user.rb +++ b/db/migrate/20140726214806_move_state_to_github_user.rb @@ -1,4 +1,4 @@ -class MoveStateToGithubUser < ActiveRecord::Migration +class MoveStateToGithubUser < ActiveRecord::Migration[4.2] def change add_column :github_users, :state, :string, null: false, default: :unknown remove_column :users, :state, :string, null: false, default: :unknown diff --git a/db/migrate/20140811194159_add_github_urls.rb b/db/migrate/20140811194159_add_github_urls.rb index cf6ff63..8ee2425 100644 --- a/db/migrate/20140811194159_add_github_urls.rb +++ b/db/migrate/20140811194159_add_github_urls.rb @@ -1,4 +1,4 @@ -class AddGithubUrls < ActiveRecord::Migration +class AddGithubUrls < ActiveRecord::Migration[4.2] def change add_column :github_users, :avatar_url, :string add_column :github_users, :html_url, :string diff --git a/db/migrate/20140818012538_add_admin_flag_to_user.rb b/db/migrate/20140818012538_add_admin_flag_to_user.rb index 8319be3..a762d97 100644 --- a/db/migrate/20140818012538_add_admin_flag_to_user.rb +++ b/db/migrate/20140818012538_add_admin_flag_to_user.rb @@ -1,4 +1,4 @@ -class AddAdminFlagToUser < ActiveRecord::Migration +class AddAdminFlagToUser < ActiveRecord::Migration[4.2] def change add_column :users, :admin, :bool diff --git a/db/migrate/20140915164525_convert_settings_value_to_text.rb b/db/migrate/20140915164525_convert_settings_value_to_text.rb index 8fd6473..8eced3e 100644 --- a/db/migrate/20140915164525_convert_settings_value_to_text.rb +++ b/db/migrate/20140915164525_convert_settings_value_to_text.rb @@ -1,4 +1,4 @@ -class ConvertSettingsValueToText < ActiveRecord::Migration +class ConvertSettingsValueToText < ActiveRecord::Migration[4.2] def change change_column :settings, :value, :text end diff --git a/db/migrate/20140917184213_create_delayed_jobs.rb b/db/migrate/20140917184213_create_delayed_jobs.rb index f7de70b..dd5d19f 100644 --- a/db/migrate/20140917184213_create_delayed_jobs.rb +++ b/db/migrate/20140917184213_create_delayed_jobs.rb @@ -1,4 +1,4 @@ -class CreateDelayedJobs < ActiveRecord::Migration +class CreateDelayedJobs < ActiveRecord::Migration[4.2] def self.up create_table :delayed_jobs, :force => true do |table| table.integer :priority, :default => 0, :null => false # Allows some jobs to jump to the front of the queue diff --git a/db/migrate/20140917184236_add_connect_github_user_statuses.rb b/db/migrate/20140917184236_add_connect_github_user_statuses.rb index 5d4a1fc..a41de20 100644 --- a/db/migrate/20140917184236_add_connect_github_user_statuses.rb +++ b/db/migrate/20140917184236_add_connect_github_user_statuses.rb @@ -1,4 +1,4 @@ -class AddConnectGithubUserStatuses < ActiveRecord::Migration +class AddConnectGithubUserStatuses < ActiveRecord::Migration[4.2] def change create_table(:connect_github_user_statuses) do |t| t.belongs_to :user diff --git a/db/migrate/20140920200517_add_remember_token_to_user.rb b/db/migrate/20140920200517_add_remember_token_to_user.rb index a906712..5ef5dd5 100644 --- a/db/migrate/20140920200517_add_remember_token_to_user.rb +++ b/db/migrate/20140920200517_add_remember_token_to_user.rb @@ -1,4 +1,4 @@ -class AddRememberTokenToUser < ActiveRecord::Migration +class AddRememberTokenToUser < ActiveRecord::Migration[4.2] def change add_column :users, :remember_token, :string end diff --git a/db/migrate/20141018212156_add_github_user_disabled_teams.rb b/db/migrate/20141018212156_add_github_user_disabled_teams.rb index 2993415..8875c2a 100644 --- a/db/migrate/20141018212156_add_github_user_disabled_teams.rb +++ b/db/migrate/20141018212156_add_github_user_disabled_teams.rb @@ -1,4 +1,4 @@ -class AddGithubUserDisabledTeams < ActiveRecord::Migration +class AddGithubUserDisabledTeams < ActiveRecord::Migration[4.2] def change create_table :github_user_disabled_teams, id: false do |t| t.belongs_to :github_user diff --git a/db/migrate/20160215025445_add_github_organization_memberships.rb b/db/migrate/20160215025445_add_github_organization_memberships.rb index 1695dcf..1b3e79e 100644 --- a/db/migrate/20160215025445_add_github_organization_memberships.rb +++ b/db/migrate/20160215025445_add_github_organization_memberships.rb @@ -1,4 +1,4 @@ -class AddGithubOrganizationMemberships < ActiveRecord::Migration +class AddGithubOrganizationMemberships < ActiveRecord::Migration[4.2] def change create_table :github_organization_memberships do |t| t.references :github_user, index: true, null: false diff --git a/db/migrate/20210311145806_add_user_department.rb b/db/migrate/20210311145806_add_user_department.rb index 625bec4..4ae16a5 100644 --- a/db/migrate/20210311145806_add_user_department.rb +++ b/db/migrate/20210311145806_add_user_department.rb @@ -1,4 +1,4 @@ -class AddUserDepartment < ActiveRecord::Migration +class AddUserDepartment < ActiveRecord::Migration[4.2] def change add_column :users, :department, :string end diff --git a/db/schema.rb b/db/schema.rb index 3a2fece..4a4afba 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -1,72 +1,68 @@ -# encoding: UTF-8 # This file is auto-generated from the current state of the database. Instead # of editing this file, please use the migrations feature of Active Record to # incrementally modify your database, and then regenerate this schema definition. # -# Note that this schema.rb definition is the authoritative source for your -# database schema. If you need to create the application database on another -# system, you should be using db:schema:load, not running all the migrations -# from scratch. The latter is a flawed and unsustainable approach (the more migrations -# you'll amass, the slower it'll run and the greater likelihood for issues). +# This file is the source Rails uses to define your schema when running `bin/rails +# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to +# be faster and is potentially less error prone than running all of your +# migrations from scratch. Old migrations may fail to apply correctly if those +# migrations use external dependencies or application code. # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20210311145806) do +ActiveRecord::Schema.define(version: 2021_03_11_145806) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" - create_table "connect_github_user_statuses", force: :cascade do |t| - t.integer "user_id" - t.integer "github_user_id" - t.string "oauth_code" - t.string "status" - t.string "step" - t.text "error_message" + create_table "connect_github_user_statuses", id: :serial, force: :cascade do |t| + t.integer "user_id" + t.integer "github_user_id" + t.string "oauth_code" + t.string "status" + t.string "step" + t.text "error_message" t.datetime "created_at" t.datetime "updated_at" end - create_table "delayed_jobs", force: :cascade do |t| - t.integer "priority", default: 0, null: false - t.integer "attempts", default: 0, null: false - t.text "handler", null: false - t.text "last_error" + create_table "delayed_jobs", id: :serial, force: :cascade do |t| + t.integer "priority", default: 0, null: false + t.integer "attempts", default: 0, null: false + t.text "handler", null: false + t.text "last_error" t.datetime "run_at" t.datetime "locked_at" t.datetime "failed_at" - t.string "locked_by" - t.string "queue" + t.string "locked_by" + t.string "queue" t.datetime "created_at" t.datetime "updated_at" + t.index ["priority", "run_at"], name: "delayed_jobs_priority" end - add_index "delayed_jobs", ["priority", "run_at"], name: "delayed_jobs_priority", using: :btree - - create_table "github_emails", force: :cascade do |t| - t.integer "github_user_id", null: false - t.string "address" + create_table "github_emails", id: :serial, force: :cascade do |t| + t.integer "github_user_id", null: false + t.string "address" t.datetime "created_at" t.datetime "updated_at" + t.index ["github_user_id"], name: "index_github_emails_on_github_user_id" end - add_index "github_emails", ["github_user_id"], name: "index_github_emails_on_github_user_id", using: :btree - - create_table "github_organization_memberships", force: :cascade do |t| - t.integer "github_user_id", null: false - t.string "organization", null: false - t.string "role" - t.string "state" - t.datetime "created_at", null: false - t.datetime "updated_at", null: false + create_table "github_organization_memberships", id: :serial, force: :cascade do |t| + t.integer "github_user_id", null: false + t.string "organization", null: false + t.string "role" + t.string "state" + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + t.index ["github_user_id"], name: "index_github_organization_memberships_on_github_user_id" end - add_index "github_organization_memberships", ["github_user_id"], name: "index_github_organization_memberships_on_github_user_id", using: :btree - - create_table "github_teams", force: :cascade do |t| - t.string "slug" - t.string "organization" - t.string "name" + create_table "github_teams", id: :serial, force: :cascade do |t| + t.string "slug" + t.string "organization" + t.string "name" t.datetime "created_at" t.datetime "updated_at" end @@ -81,54 +77,51 @@ t.integer "github_team_id" end - create_table "github_users", force: :cascade do |t| - t.integer "user_id" - t.string "login", null: false - t.boolean "mfa" - t.string "encrypted_token" + create_table "github_users", id: :serial, force: :cascade do |t| + t.integer "user_id" + t.string "login", null: false + t.boolean "mfa" + t.string "encrypted_token" t.datetime "last_sync_at" - t.string "sync_error" + t.string "sync_error" t.datetime "sync_error_at" t.datetime "created_at" t.datetime "updated_at" - t.string "state", default: "unknown", null: false - t.string "avatar_url" - t.string "html_url" + t.string "state", default: "unknown", null: false + t.string "avatar_url" + t.string "html_url" + t.index ["login"], name: "index_github_users_on_login", unique: true + t.index ["user_id"], name: "index_github_users_on_user_id" end - add_index "github_users", ["login"], name: "index_github_users_on_login", unique: true, using: :btree - add_index "github_users", ["user_id"], name: "index_github_users_on_user_id", using: :btree - - create_table "settings", force: :cascade do |t| - t.string "key" - t.text "value" + create_table "settings", id: :serial, force: :cascade do |t| + t.string "key" + t.text "value" t.datetime "created_at" t.datetime "updated_at" + t.index ["key"], name: "index_settings_on_key", unique: true end - add_index "settings", ["key"], name: "index_settings_on_key", unique: true, using: :btree - - create_table "users", force: :cascade do |t| - t.string "username", default: "", null: false - t.string "name" + create_table "users", id: :serial, force: :cascade do |t| + t.string "username", default: "", null: false + t.string "name" t.datetime "remember_created_at" - t.integer "sign_in_count", default: 0, null: false + t.integer "sign_in_count", default: 0, null: false t.datetime "current_sign_in_at" t.datetime "last_sign_in_at" - t.string "current_sign_in_ip" - t.string "last_sign_in_ip" + t.string "current_sign_in_ip" + t.string "last_sign_in_ip" t.datetime "created_at" t.datetime "updated_at" t.datetime "last_ldap_sync" - t.integer "ldap_account_control" - t.string "ldap_sync_error" + t.integer "ldap_account_control" + t.string "ldap_sync_error" t.datetime "ldap_sync_error_at" - t.string "email" - t.boolean "admin" - t.string "remember_token" - t.string "department" + t.string "email" + t.boolean "admin" + t.string "remember_token" + t.string "department" + t.index ["username"], name: "index_users_on_username", unique: true end - add_index "users", ["username"], name: "index_users_on_username", unique: true, using: :btree - end diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..8a3982d --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,44 @@ +version: "3.9" +services: + db: + image: postgres + volumes: + - ./tmp/db:/var/lib/postgresql/data + environment: + POSTGRES_PASSWORD: password + ports: + - "5432:5432" + ldap: + build: + context: . + dockerfile: DockerfileLdap + environment: + LDAP_ADMIN_PASSWORD: test1234 + LDAP_BASE_DN: dc=example,dc=com + LDAP_LOG_LEVEL: 256 + ports: + - "389:389" + - "636:636" + - "3268:3268" + - "3269:3269" + volumes: + - ldap_data:/var/lib/ldap + - ldap_config:/etc/ldap/slapd.d + - ./ldap/ldif:/container/service/slapd/assets/config/bootstrap/ldif/ + - ./ldap/schema:/container/service/slapd/assets/config/bootstrap/schema/ + command: --copy-service --loglevel debug + web: + build: + context: . + dockerfile: DockerfileWeb + command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 5000 -b '0.0.0.0'" + volumes: + - .:/myapp + ports: + - "5000:5000" + depends_on: + - db + - ldap +volumes: + ldap_data: + ldap_config: diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..3af18f7 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,8 @@ +#!/bin/bash +set -e + +# Remove a potentially pre-existing server.pid for Rails. +rm -f /myapp/tmp/pids/server.pid + +# Then exec the container's main process (what's set as CMD in the Dockerfile). +exec "$@" diff --git a/ldap/base.ldif b/ldap/base.ldif index c46821d..d18bba3 100644 --- a/ldap/base.ldif +++ b/ldap/base.ldif @@ -5,6 +5,23 @@ objectClass: organizationalUnit dc: example ou: example +# Admin account +dn: cn=Test Admin User,dc=example,dc=com +objectclass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +displayName: Test Admin +name: Test Admin User +givenName: Test +sn: Admin +mail: test_admin@example.com +userPrincipalName: test_admin@example.com +userAccountControl: 510 +sAMAccountName: testadmin +# userPassword: secret +userPassword: {SSHA}fFjKcZb4cfOAcwSjJer8nCGOEVRUnwCC + # Normal account dn: cn=Homer Simpson,dc=example,dc=com objectclass: top diff --git a/ldap/clear.ldif b/ldap/clear.ldif index 770ed02..bfd0144 100644 --- a/ldap/clear.ldif +++ b/ldap/clear.ldif @@ -10,5 +10,8 @@ changetype: delete dn: cn=Homer Simpson,dc=example,dc=com changetype: delete +dn: cn=Test Admin User,dc=example,dc=com +changetype: delete + dn: dc=example,dc=com changetype: delete diff --git a/ldap/ldif/base.ldif b/ldap/ldif/base.ldif new file mode 100644 index 0000000..948a7fe --- /dev/null +++ b/ldap/ldif/base.ldif @@ -0,0 +1,84 @@ +# Admin account +dn: cn=Test Admin User,dc=example,dc=com +objectclass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +displayName: Test Admin +name: Test Admin User +givenName: Test +sn: Admin +mail: test_admin@example.com +userPrincipalName: test_admin@example.com +userAccountControl: 510 +sAMAccountName: testadmin +# userPassword: secret +userPassword: {SSHA}fFjKcZb4cfOAcwSjJer8nCGOEVRUnwCC + +# Normal account +dn: cn=Homer Simpson,dc=example,dc=com +objectclass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +displayName: Homer Simpson +name: Homer Simpson +givenName: Homer +sn: Simpson +mail: Homer_Simpson@example.com +userPrincipalName: hsimpson@example.com +userAccountControl: 512 +sAMAccountName: hsimpson +# userPassword: 123456 +userPassword: {SSHA}1j5ho2mHI6fHgwQOjBk9aRHF47FzYWx0 + +# Locked account +dn: cn=Marge Simpson,dc=example,dc=com +objectclass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +displayName: Homer Simpson +name: Marge Simpson +givenName: Marge +sn: Simpson +mail: Marge_Simpson@example.com +userPrincipalName: msimpson@example.com +userAccountControl: 528 +sAMAccountName: msimpson +# userPassword: 123456 +userPassword: {SSHA}1j5ho2mHI6fHgwQOjBk9aRHF47FzYWx0 + +# Disabled account +dn: cn=Bart Simpson,dc=example,dc=com +objectclass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +displayName: Homer Simpson +name: Bart Simpson +givenName: Bart +sn: Simpson +mail: Bart_Simpson@example.com +userPrincipalName: bsimpson@example.com +userAccountControl: 514 +sAMAccountName: bsimpson +# userPassword: 123456 +userPassword: {SSHA}1j5ho2mHI6fHgwQOjBk9aRHF47FzYWx0 + +# Password expired +dn: cn=Lisa Simpson,dc=example,dc=com +objectclass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +displayName: Homer Simpson +name: Lisa Simpson +givenName: Lisa +sn: Simpson +mail: Lisa_Simpson@example.com +userPrincipalName: lsimpson@example.com +userAccountControl: 8389120 +sAMAccountName: lsimpson +# userPassword: 123456 +userPassword: {SSHA}1j5ho2mHI6fHgwQOjBk9aRHF47FzYWx0 diff --git a/ldap/ldif/clear.ldif b/ldap/ldif/clear.ldif new file mode 100644 index 0000000..bfd0144 --- /dev/null +++ b/ldap/ldif/clear.ldif @@ -0,0 +1,17 @@ +dn: cn=Lisa Simpson,dc=example,dc=com +changetype: delete + +dn: cn=Bart Simpson,dc=example,dc=com +changetype: delete + +dn: cn=Marge Simpson,dc=example,dc=com +changetype: delete + +dn: cn=Homer Simpson,dc=example,dc=com +changetype: delete + +dn: cn=Test Admin User,dc=example,dc=com +changetype: delete + +dn: dc=example,dc=com +changetype: delete diff --git a/ldap/schema/local.schema b/ldap/schema/local.schema new file mode 100644 index 0000000..95b2943 --- /dev/null +++ b/ldap/schema/local.schema @@ -0,0 +1,27 @@ + +attributetype ( 1.2.840.113556.1.4.656 + NAME 'userPrincipalName' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' + SINGLE-VALUE ) + +attributetype ( 1.2.840.113556.1.4.221 + NAME 'sAMAccountName' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' + SINGLE-VALUE ) + +attributetype ( 1.2.840.113556.1.4.8 + NAME 'userAccountControl' + EQUALITY integerMatch + SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' + SINGLE-VALUE ) + +objectclass ( 1.2.840.113556.1.5.9 + NAME 'user' + SUP organizationalPerson + STRUCTURAL + MUST ( sAMAccountName $ userAccountControl $ userPrincipalName ) + MAY ( displayName $ givenName $ mail $ name ) ) diff --git a/spec/controllers/connect_controller_spec.rb b/spec/controllers/connect_controller_spec.rb index d784317..6c831cd 100644 --- a/spec/controllers/connect_controller_spec.rb +++ b/spec/controllers/connect_controller_spec.rb @@ -17,7 +17,7 @@ describe "GET 'index'" do it "returns http success" do get 'index' - expect(response).to be_success + expect(response).to be_successful end it 'sets a new ConnectGithubUserStatus' do @@ -32,15 +32,15 @@ let(:connect_status) { ConnectGithubUserStatus.create(user: user) } it 'returns http success' do - get 'status', id: connect_status.id - expect(response).to be_success + get 'status', params: { id: connect_status.id } + expect(response).to be_successful end context 'with another user' do let(:connect_status) { ConnectGithubUserStatus.create(user: create(:user)) } it 'returns http forbidden' do - get 'status', id: connect_status.id + get 'status', params: { id: connect_status.id } expect(response).to be_forbidden end end @@ -86,7 +86,7 @@ def redirect_params end describe "GET 'auth_code'" do - subject { get :auth_code, code: code, state: state } + subject { get :auth_code, params: { code: code, state: state }} let(:state) { 'foostate' } let(:code) { 'foocode' } #let(:oauth) { double('oauth', auth_code: double(get_token: oauth_token)) } diff --git a/spec/controllers/dashboard_controller_spec.rb b/spec/controllers/dashboard_controller_spec.rb index b398e70..82197e5 100644 --- a/spec/controllers/dashboard_controller_spec.rb +++ b/spec/controllers/dashboard_controller_spec.rb @@ -9,7 +9,7 @@ describe "GET 'index'" do it "returns http success" do get 'index' - expect(response).to be_success + expect(response).to be_successful end it 'redirects to setup wizard if application is not configured' do @@ -21,7 +21,7 @@ it 'returns a http error if an LDAP authentication error occurs' do allow(controller).to receive(:index).and_raise(DeviseLdapAuthenticatable::LdapException) get 'index' - expect(response).to be_error + expect(response).to have_http_status(500) end end diff --git a/spec/controllers/github_users_controller_spec.rb b/spec/controllers/github_users_controller_spec.rb index 179468e..6e4a2db 100644 --- a/spec/controllers/github_users_controller_spec.rb +++ b/spec/controllers/github_users_controller_spec.rb @@ -12,14 +12,14 @@ describe "GET index" do it "returns http success" do get :index - expect(response).to be_success + expect(response).to be_successful end end describe "GET show" do it "returns http success" do - get :show, id: github_user.login - expect(response).to be_success + get :show, params: { id: github_user.login } + expect(response).to be_successful end end diff --git a/spec/controllers/settings_controller_spec.rb b/spec/controllers/settings_controller_spec.rb index d38bc0e..95b8fce 100644 --- a/spec/controllers/settings_controller_spec.rb +++ b/spec/controllers/settings_controller_spec.rb @@ -15,12 +15,12 @@ describe "GET 'edit'" do it "returns http success" do get 'edit' - expect(response).to be_success + expect(response).to be_successful end end describe "PUT 'update'" do - subject { put 'update', settings: settings } + subject { put 'update', params: { settings: settings } } let(:ldap) { double('ldap', bind: true).as_null_object } let(:settings) {{ ldap_host: 'foohost', @@ -53,7 +53,7 @@ end it 'handles ldap errors' do - expect(ldap).to receive(:bind).and_raise(Net::LDAP::LdapError) + expect(ldap).to receive(:bind).and_raise(Net::LDAP::Error) expect(subject).to_not be_redirect expect(assigns(:error)).to_not be_nil end @@ -61,7 +61,7 @@ context 'with connect_github parameter' do it "calls github_admin action" do expect(controller).to receive(:github_admin) { controller.redirect_to('foobar') } - put 'update', settings: settings, connect_github: 'connect' + put 'update', params: { settings: settings, connect_github: 'connect' } end end end @@ -108,7 +108,7 @@ def redirect_params end describe "GET 'github_auth_code'" do - subject { get :github_auth_code, state: state } + subject { get :github_auth_code, params: { state: state } } let(:state) { 'foostate' } let(:oauth) { double('oauth', auth_code: double(get_token: oauth_token)) } let(:oauth_token) { double('oauth_token', token: 'footoken') } diff --git a/spec/controllers/setup/admin_user_controller_spec.rb b/spec/controllers/setup/admin_user_controller_spec.rb index 445e539..978fe7e 100644 --- a/spec/controllers/setup/admin_user_controller_spec.rb +++ b/spec/controllers/setup/admin_user_controller_spec.rb @@ -11,7 +11,7 @@ describe "GET 'new'" do it "returns http success" do get 'new' - expect(response).to be_success + expect(response).to be_successful end it 'signs out existing users' do @@ -22,7 +22,7 @@ end describe "POST 'create'" do - subject { post 'create', user: {username: user.username, password: 'foopass'} } + subject { post 'create', params: { user: { username: user.username, password: 'foopass' }}} it 'sets the admin user' do allow(controller.warden).to receive(:authenticate!).and_return(user) diff --git a/spec/controllers/setup/company_controller_spec.rb b/spec/controllers/setup/company_controller_spec.rb index ad34b98..e13f980 100644 --- a/spec/controllers/setup/company_controller_spec.rb +++ b/spec/controllers/setup/company_controller_spec.rb @@ -5,12 +5,12 @@ describe "GET 'edit'" do it "returns http success" do get 'edit' - expect(response).to be_success + expect(response).to be_successful end end describe "PUT 'update'" do - subject { put 'update', settings: {company: 'foocompany'} } + subject { put 'update', params: { settings: { company: 'foocompany' }}} it 'saves settings' do subject diff --git a/spec/controllers/setup/email_controller_spec.rb b/spec/controllers/setup/email_controller_spec.rb index 8f353d1..80528da 100644 --- a/spec/controllers/setup/email_controller_spec.rb +++ b/spec/controllers/setup/email_controller_spec.rb @@ -5,10 +5,11 @@ describe "GET 'edit'" do it "returns http success" do get 'edit' - expect(response).to be_success + expect(response).to be_successful end it 'sets default email from company name' do + request.set_header("HTTP_HOST", 'localhost') allow(request).to receive(:host).and_return('localhost') Rails.application.settings.company = 'Example Corp' get 'edit' @@ -16,6 +17,7 @@ end it 'sets default email from url domain' do + request.set_header("HTTP_HOST", 'foocorp.com') allow(request).to receive(:host).and_return('foocorp.com') get 'edit' expect(assigns(:settings).email_from).to eq('github@foocorp.com') @@ -23,7 +25,7 @@ end describe "PUT 'update'" do - subject { put 'update', settings: {smtp_address: 'localhost'} } + subject { put 'update', params: { settings: {smtp_address: 'localhost'} } } it 'saves settings' do subject diff --git a/spec/controllers/setup/github_controller_spec.rb b/spec/controllers/setup/github_controller_spec.rb index 3263c58..3e5d916 100644 --- a/spec/controllers/setup/github_controller_spec.rb +++ b/spec/controllers/setup/github_controller_spec.rb @@ -5,7 +5,7 @@ describe "GET 'edit'" do it "returns http success" do get 'edit' - expect(response).to be_success + expect(response).to be_successful end it 'sets default orgs' do @@ -23,7 +23,7 @@ describe "PUT 'update'" do let(:settings) { {github_orgs: 'foocompany'} } - subject { put 'update', settings: settings } + subject { put 'update', params: { settings: settings }} it 'saves settings' do subject @@ -33,7 +33,7 @@ context 'with connect_github parameter' do it 'calls github_admin action' do expect(controller).to receive(:github_admin) { controller.redirect_to('foobar') } - put 'update', settings: settings, connect_github: 'connect' + put 'update', params: { settings: settings, connect_github: 'connect' } end end end diff --git a/spec/controllers/setup/ldap_controller_spec.rb b/spec/controllers/setup/ldap_controller_spec.rb index db3c569..3e278b4 100644 --- a/spec/controllers/setup/ldap_controller_spec.rb +++ b/spec/controllers/setup/ldap_controller_spec.rb @@ -5,7 +5,7 @@ describe "GET 'edit'" do it "returns http success" do get 'edit' - expect(response).to be_success + expect(response).to be_successful end it 'redirects to settings if application is already configured' do @@ -15,14 +15,14 @@ end it 'sets development defaults for localhost' do - allow(request).to receive(:host).and_return('localhost') + request.set_header("HTTP_HOST", 'localhost') get 'edit' expect(assigns(:settings).ldap_base).to eq('dc=example,dc=com') end end describe "PUT 'update'" do - subject { put 'update', settings: {ldap_host: 'foohost', ldap_port: 3389} } + subject { put 'update', params: { settings: { ldap_host: 'foohost', ldap_port: 3389 }}} let(:ldap) { double('ldap', bind: true).as_null_object } before do diff --git a/spec/controllers/setup/rules_controller_spec.rb b/spec/controllers/setup/rules_controller_spec.rb index be1d704..7aa27ba 100644 --- a/spec/controllers/setup/rules_controller_spec.rb +++ b/spec/controllers/setup/rules_controller_spec.rb @@ -5,12 +5,12 @@ describe "GET 'edit'" do it "returns http success" do get 'edit' - expect(response).to be_success + expect(response).to be_successful end end describe "PUT 'update'" do - subject { put 'update', settings: {rule_max_sync_age: 60} } + subject { put 'update', params: { settings: { rule_max_sync_age: 60 }}} it 'saves settings' do subject diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb index 62181e3..3678578 100644 --- a/spec/controllers/users_controller_spec.rb +++ b/spec/controllers/users_controller_spec.rb @@ -11,7 +11,7 @@ describe "GET 'index'" do it 'returns http success' do get 'index' - expect(response).to be_success + expect(response).to be_successful end it 'loads users in order' do @@ -24,15 +24,15 @@ describe "GET 'show'" do it "returns http success" do - get 'show', id: user.username - expect(response).to be_success + get 'show', params: { id: user.username } + expect(response).to be_successful end context 'with admin user' do it 'shows other users' do create(:user, username: 'otheruser', name: 'Other User') - get 'show', id: 'otheruser' - expect(response).to be_success + get 'show', params: { id: 'otheruser' } + expect(response).to be_successful expect(assigns(:user).username).to eq('otheruser') end end @@ -41,13 +41,13 @@ let(:user) { create(:user, name: 'Regular User') } it 'shows own user' do - get 'show', id: user.username - expect(response).to be_success + get 'show', params: { id: user.username } + expect(response).to be_successful end it 'does not show other users' do create(:user, username: 'otheruser', name: 'Other User') - get 'show', id: 'otheruser' + get 'show', params: { id: 'otheruser' } expect(response).to be_forbidden end end @@ -55,14 +55,14 @@ describe "GET 'edit'" do it "returns http success" do - get 'edit', id: user.username - expect(response).to be_success + get 'edit', params: { id: user.username } + expect(response).to be_successful end end describe "PATCH 'edit'" do it "redirects after save" do - patch 'update', id: user.username, user: {admin: 0} + patch 'update', params: { id: user.username, user: { admin: 0 } } expect(response).to be_redirect end end diff --git a/spec/factories/github_email.rb b/spec/factories/github_email.rb index 069c08c..6c76da5 100644 --- a/spec/factories/github_email.rb +++ b/spec/factories/github_email.rb @@ -1,4 +1,4 @@ -FactoryGirl.define do +FactoryBot.define do factory :github_email do sequence(:address) { |n| "githubemail#{n}@example.com" } github_user diff --git a/spec/factories/github_organization_membership.rb b/spec/factories/github_organization_membership.rb index 2ca28e0..4e0abd2 100644 --- a/spec/factories/github_organization_membership.rb +++ b/spec/factories/github_organization_membership.rb @@ -1,4 +1,4 @@ -FactoryGirl.define do +FactoryBot.define do factory :github_organization_membership do sequence(:organization) { |n| "org#{n}" } github_user diff --git a/spec/factories/github_team.rb b/spec/factories/github_team.rb index 5613108..50e31ce 100644 --- a/spec/factories/github_team.rb +++ b/spec/factories/github_team.rb @@ -1,4 +1,4 @@ -FactoryGirl.define do +FactoryBot.define do factory :github_team do sequence(:slug) { |n| "githubteam#{n}" } end diff --git a/spec/factories/github_user.rb b/spec/factories/github_user.rb index a989b05..5f04667 100644 --- a/spec/factories/github_user.rb +++ b/spec/factories/github_user.rb @@ -1,10 +1,10 @@ -FactoryGirl.define do +FactoryBot.define do factory :github_user do sequence(:login) { |n| "githubber#{n}" } factory :github_user_with_emails do transient do - emails_count 2 + emails_count { 2 } end after(:create) do |github_user, evaluator| diff --git a/spec/factories/user.rb b/spec/factories/user.rb index 88848a5..87c1f48 100644 --- a/spec/factories/user.rb +++ b/spec/factories/user.rb @@ -1,15 +1,15 @@ -FactoryGirl.define do +FactoryBot.define do factory :user do sequence(:username) { |n| "fakeuser#{n}" } factory :user_with_github_users do transient do - github_users_count 2 + github_users_count { 2 } end end factory :admin_user do - admin true + admin { true } end end end diff --git a/spec/mailers/user_mailer_spec.rb b/spec/mailers/user_mailer_spec.rb index cbb4c30..dc88299 100644 --- a/spec/mailers/user_mailer_spec.rb +++ b/spec/mailers/user_mailer_spec.rb @@ -1,16 +1,15 @@ require "rails_helper" -RSpec.describe UserMailer, :type => :mailer do +RSpec.describe UserMailer, type: :mailer do before do Rails.application.settings.email_base_url = 'http://localhost:3000' end describe '#access_revoked' do - subject(:mail) { UserMailer.access_revoked(user, github_user) } - - let(:user) { build(:user) } - let(:github_user) { build(:github_user, user: user) } + subject(:mail) { described_class.access_revoked(user, github_user) } + let(:user) { create(:user) } + let(:github_user) { create(:github_user, user: user) } it 'renders subject' do expect(mail.subject).to eq('GitHub Access Revoked') diff --git a/spec/models/github_user_spec.rb b/spec/models/github_user_spec.rb index cc93ba7..f1dbe42 100644 --- a/spec/models/github_user_spec.rb +++ b/spec/models/github_user_spec.rb @@ -375,6 +375,8 @@ it 'sends an access revoked mail' do Rails.application.settings.enforce_rules = true expect(UserMailer).to receive(:access_revoked).and_return(mail) + expect(mail).to receive(:deliver_later) + user.send(:do_notify_disabled, transition) end @@ -423,6 +425,7 @@ it 'sends an access revoked mail' do Rails.application.settings.enforce_rules = true expect(UserMailer).to receive(:access_revoked).and_return(mail) + expect(mail).to receive(:deliver_later) user.send(:do_notify_restricted, transition) end @@ -483,7 +486,7 @@ class MockRule < Rules::Base describe '#disable' do it 'calls do_disable' do - expect(user).to receive(:do_disable).with(kind_of(StateMachine::Transition)) + expect(user).to receive(:do_disable).with(kind_of(StateMachines::Transition)) user.disable end @@ -495,20 +498,20 @@ class MockRule < Rules::Base it 'calls do_notify_disabled with failing notify rules' do allow_any_instance_of(MockRule).to receive(:notify?).and_return(true) - expect(user).to receive(:do_notify_disabled).with(kind_of(StateMachine::Transition)) + expect(user).to receive(:do_notify_disabled).with(kind_of(StateMachines::Transition)) user.disable end it 'does not call do_notify_disabled without failing notify rules' do allow_any_instance_of(MockRule).to receive(:notify?).and_return(false) - expect(user).to_not receive(:do_notify_disabled).with(kind_of(StateMachine::Transition)) + expect(user).to_not receive(:do_notify_disabled).with(kind_of(StateMachines::Transition)) user.disable end end describe '#restrict' do it 'calls do_restrict' do - expect(user).to receive(:do_restrict).with(kind_of(StateMachine::Transition)) + expect(user).to receive(:do_restrict).with(kind_of(StateMachines::Transition)) user.restrict end @@ -520,13 +523,13 @@ class MockRule < Rules::Base it 'calls do_notify_restricted with failing notify rules' do allow_any_instance_of(MockRule).to receive(:notify?).and_return(true) - expect(user).to receive(:do_notify_restricted).with(kind_of(StateMachine::Transition)) + expect(user).to receive(:do_notify_restricted).with(kind_of(StateMachines::Transition)) user.restrict end it 'does not call do_notify_restricted without failing notify rules' do allow_any_instance_of(MockRule).to receive(:notify?).and_return(false) - expect(user).to_not receive(:do_notify_restricted).with(kind_of(StateMachine::Transition)) + expect(user).to_not receive(:do_notify_restricted).with(kind_of(StateMachines::Transition)) user.restrict end end @@ -583,7 +586,7 @@ class MockRule < Rules::Base describe '#enable' do it 'calls do_enable' do - expect(user).to receive(:do_enable).with(kind_of(StateMachine::Transition)) + expect(user).to receive(:do_enable).with(kind_of(StateMachines::Transition)) user.transition end end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 16fa1d8..2a10f71 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -83,7 +83,7 @@ end it 'saves ldap errors during sync' do - expect(user).to receive(:ldap_get_param).and_raise(Net::LDAP::LdapError) + expect(user).to receive(:ldap_get_param).and_raise(Net::LDAP::Error) user.sync_from_ldap! expect(user.last_ldap_sync).to be_nil expect(user.ldap_sync_error).to_not be_nil diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index 456464b..6eabf99 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -41,14 +41,16 @@ # https://relishapp.com/rspec/rspec-rails/docs config.infer_spec_type_from_file_location! - config.include FactoryGirl::Syntax::Methods - config.include Devise::TestHelpers, type: :controller - config.include Devise::TestHelpers, type: :view + FactoryBot.find_definitions + config.include FactoryBot::Syntax::Methods + + config.include Devise::Test::ControllerHelpers, type: :controller + config.include Devise::Test::ControllerHelpers, type: :view config.include ControllerHelpers, type: :controller config.before(:suite) do - FactoryGirl.lint - DatabaseCleaner.clean_with(:deletion) + FactoryBot.lint + DatabaseCleaner.clean_with :deletion, except: %w(public.ar_internal_metadata) end DatabaseCleaner.strategy = :deletion