From b7e4c793201c7ce2f6537938933e7295d2c790a5 Mon Sep 17 00:00:00 2001 From: dblock Date: Sat, 23 Mar 2019 11:13:49 -0400 Subject: [PATCH 1/2] Removed unused file. --- lib/slack-ruby-bot-server/models.rb | 1 - 1 file changed, 1 deletion(-) delete mode 100644 lib/slack-ruby-bot-server/models.rb diff --git a/lib/slack-ruby-bot-server/models.rb b/lib/slack-ruby-bot-server/models.rb deleted file mode 100644 index a2450dd..0000000 --- a/lib/slack-ruby-bot-server/models.rb +++ /dev/null @@ -1 +0,0 @@ -require 'slack-ruby-bot-server/models/team' From 07e2bee54fb93976549db2f7e8c4c77125fcc129 Mon Sep 17 00:00:00 2001 From: dblock Date: Sat, 23 Mar 2019 14:27:03 -0400 Subject: [PATCH 2/2] Added Team#bot_user_id, activated_user_id and activated_user_access_token. --- .rubocop_todo.yml | 2 +- CHANGELOG.md | 3 +- Gemfile | 2 +- README.md | 7 ++--- UPGRADING.md | 30 +++++++++++++++++-- .../api/endpoints/teams_endpoint.rb | 19 +++++++++--- .../config/database_adapters/activerecord.rb | 4 +++ .../models/team/mongoid.rb | 3 ++ lib/slack-ruby-bot-server/version.rb | 2 +- .../20170307164946_create_teams_table.rb | 1 - .../20190323181453_add_activated_fields.rb | 7 +++++ .../sample_app_activerecord/db/schema.rb | 9 ++++-- spec/api/endpoints/teams_endpoint_spec.rb | 20 ++++++++++++- spec/database_adapters/activerecord/schema.rb | 5 +++- 14 files changed, 94 insertions(+), 20 deletions(-) create mode 100644 sample_apps/sample_app_activerecord/db/migrate/20190323181453_add_activated_fields.rb diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 379231e..2fd3397 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,6 +1,6 @@ # This configuration was generated by # `rubocop --auto-gen-config` -# on 2019-02-25 14:24:34 -0500 using RuboCop version 0.58.2. +# on 2019-03-23 14:16:02 -0400 using RuboCop version 0.58.2. # The point is for the user to remove these configuration records # one by one as the offenses are removed from the code base. # Note that changes in the inspected code, or installation of new diff --git a/CHANGELOG.md b/CHANGELOG.md index 2910635..a37d10c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,8 @@ ### Changelog -#### 0.9.1 (Next) +#### 0.10.0 (Next) +* [#96](https://github.com/slack-ruby/slack-ruby-bot-server/pull/96): Added `Team#bot_user_id`, `activated_user_id` and `activated_user_access_token` - [@dblock](https://github.com/dblock). * Your contribution here. * [#95](https://github.com/slack-ruby/slack-ruby-bot-server/pull/95): Expose the optional `state` parameter that is returned from the Add to Slack button - [@aok-solutions](https://github.com/aok-solutions). diff --git a/Gemfile b/Gemfile index 9de6c60..856d1a3 100644 --- a/Gemfile +++ b/Gemfile @@ -5,6 +5,7 @@ when 'mongoid' then gem 'kaminari-mongoid' gem 'mongoid' gem 'mongoid-scroll' + gem 'mongoid-shell' when 'activerecord' then gem 'activerecord', '~> 5.0.0' gem 'otr-activerecord', '~> 1.2.1' @@ -26,7 +27,6 @@ group :development, :test do gem 'fabrication' gem 'faker' gem 'hyperclient' - gem 'mongoid-shell' gem 'rack-server-pages' gem 'rack-test' gem 'rake' diff --git a/README.md b/README.md index c1b789e..e6015e7 100644 --- a/README.md +++ b/README.md @@ -170,12 +170,11 @@ end ### Access Tokens -By default the implementation of [Team](lib/slack-ruby-bot-server/models/team) stores a `bot_access_token` that grants a certain amount of privileges to the bot user as described in [Slack OAuth Docs](https://api.slack.com/docs/oauth). You may not want a bot user at all, or may require different auth scopes, such as `users.profile:read` to access user profile information via `Slack::Web::Client#users_profile_get`. To obtain the non-bot access token make the following changes. +By default the implementation of [Team](lib/slack-ruby-bot-server/models/team) stores a `bot_access_token` as `token` that grants a certain amount of privileges to the bot user as described in [Slack OAuth Docs](https://api.slack.com/docs/oauth) along with `activated_user_access_token` that represents the token of the installing user. You may not want a bot user at all, or may require different auth scopes, such as `users.profile:read` to access user profile information via `Slack::Web::Client#users_profile_get`. To change required scopes make the following changes. 1) Configure your app to require additional scopes in Slack API under _OAuth_, _Permissions_ -2) Add `access_token` and, optionally, `scope` to your `Team` model -3) Change the _Add to Slack_ buttons to require the additional scope, eg. `https://slack.com/oauth/authorize?scope=bot,users.profile:read&client_id=...` -4) Store the access token returned from `Slack::Web::Client#oauth_access` and scope when creating a team in your `Teams` API endpoint. +2) Change the _Add to Slack_ buttons to require the additional scope, eg. `https://slack.com/oauth/authorize?scope=bot,users.profile:read&client_id=...` +3) The access token with the requested scopes will be stored as `activated_user_access_token`. You can see a sample implementation in [slack-sup#3a497b](https://github.com/dblock/slack-sup/commit/3a497b436d25d3a7738562655cda64b180ae0096). diff --git a/UPGRADING.md b/UPGRADING.md index 629fd06..20f1d6f 100644 --- a/UPGRADING.md +++ b/UPGRADING.md @@ -1,9 +1,35 @@ Upgrading Slack-Ruby-Bot-Server =============================== +### Upgrading to >= 0.10.0 + +#### New Team Fields + +The following fields have been added to `Team`. + +* `bot_user_id`: the bot `user_id` during installation +* `activated_user_id`: the installing Slack user `user_id` +* `activated_user_access_token`: the installing Slack user `access_token` + +No action is required for Mongoid. + +If you're using ActiveRecord, create a migration similar to [sample_apps/sample_app_activerecord/db/migrate/20190323181453_add_activated_fields.rb](sample_apps/sample_app_activerecord/db/migrate/20190323181453_add_activated_fields.rb) to add these fields. + +```ruby +class AddActivatedFields < ActiveRecord::Migration[5.0] + def change + add_column :teams, :bot_user_id, :string + add_column :teams, :activated_user_id, :string + add_column :teams, :activated_user_access_token, :string + end +end +``` + +See [#96](https://github.com/slack-ruby/slack-ruby-bot-server/pull/96) for more information. + ### Upgrading to >= 0.9.0 -### Removed Ping Worker +#### Removed Ping Worker The ping worker that was added in 0.7.0 has been removed in favor of a lower level implementation in slack-ruby-client. Remove any references to `ping` options. @@ -11,7 +37,7 @@ See [slack-ruby-client#226](https://github.com/slack-ruby/slack-ruby-client/pull ### Upgrading to >= 0.8.0 -### Different Asynchronous I/O Library +#### Different Asynchronous I/O Library The library now uses [async-websocket](https://github.com/socketry/async-websocket) instead of [celluloid-io](https://github.com/celluloid/celluloid-io). If your application is built on Celluloid you may need to make changes and use `Async::Reactor.run` and the likes. diff --git a/lib/slack-ruby-bot-server/api/endpoints/teams_endpoint.rb b/lib/slack-ruby-bot-server/api/endpoints/teams_endpoint.rb index 387ee6b..0b812b5 100644 --- a/lib/slack-ruby-bot-server/api/endpoints/teams_endpoint.rb +++ b/lib/slack-ruby-bot-server/api/endpoints/teams_endpoint.rb @@ -47,17 +47,28 @@ class TeamsEndpoint < Grape::API ) token = rc['bot']['bot_access_token'] + bot_user_id = rc['bot']['bot_user_id'] + user_id = rc['user_id'] + access_token = rc['access_token'] team = Team.where(token: token).first team ||= Team.where(team_id: rc['team_id']).first - if team && !team.active? + + if team + team.update_attributes!( + activated_user_id: user_id, + activated_user_access_token: access_token, + bot_user_id: bot_user_id + ) + raise "Team #{team.name} is already registered." if team.active? team.activate!(token) - elsif team - raise "Team #{team.name} is already registered." else team = Team.create!( token: token, team_id: rc['team_id'], - name: rc['team_name'] + name: rc['team_name'], + activated_user_id: user_id, + activated_user_access_token: access_token, + bot_user_id: bot_user_id ) end diff --git a/lib/slack-ruby-bot-server/config/database_adapters/activerecord.rb b/lib/slack-ruby-bot-server/config/database_adapters/activerecord.rb index a760341..1b61db9 100644 --- a/lib/slack-ruby-bot-server/config/database_adapters/activerecord.rb +++ b/lib/slack-ruby-bot-server/config/database_adapters/activerecord.rb @@ -12,11 +12,15 @@ def self.check! def self.init! return if ActiveRecord::Base.connection.tables.include?('teams') + ActiveRecord::Base.connection.create_table :teams do |t| t.string :team_id t.string :name t.string :domain t.string :token + t.string :bot_user_id + t.string :activated_user_id + t.string :activated_user_access_token t.boolean :active, default: true t.timestamps end diff --git a/lib/slack-ruby-bot-server/models/team/mongoid.rb b/lib/slack-ruby-bot-server/models/team/mongoid.rb index 883032b..9db195a 100644 --- a/lib/slack-ruby-bot-server/models/team/mongoid.rb +++ b/lib/slack-ruby-bot-server/models/team/mongoid.rb @@ -9,6 +9,9 @@ class Team field :domain, type: String field :token, type: String field :active, type: Boolean, default: true + field :bot_user_id, type: String + field :activated_user_id, type: String + field :activated_user_access_token, type: String include Methods diff --git a/lib/slack-ruby-bot-server/version.rb b/lib/slack-ruby-bot-server/version.rb index dd3f098..75df3eb 100644 --- a/lib/slack-ruby-bot-server/version.rb +++ b/lib/slack-ruby-bot-server/version.rb @@ -1,3 +1,3 @@ module SlackRubyBotServer - VERSION = '0.9.1'.freeze + VERSION = '0.10.0'.freeze end diff --git a/sample_apps/sample_app_activerecord/db/migrate/20170307164946_create_teams_table.rb b/sample_apps/sample_app_activerecord/db/migrate/20170307164946_create_teams_table.rb index a2b45af..407f610 100644 --- a/sample_apps/sample_app_activerecord/db/migrate/20170307164946_create_teams_table.rb +++ b/sample_apps/sample_app_activerecord/db/migrate/20170307164946_create_teams_table.rb @@ -6,7 +6,6 @@ def change t.boolean :active, default: true t.string :domain t.string :token - t.timestamps end end diff --git a/sample_apps/sample_app_activerecord/db/migrate/20190323181453_add_activated_fields.rb b/sample_apps/sample_app_activerecord/db/migrate/20190323181453_add_activated_fields.rb new file mode 100644 index 0000000..4437bec --- /dev/null +++ b/sample_apps/sample_app_activerecord/db/migrate/20190323181453_add_activated_fields.rb @@ -0,0 +1,7 @@ +class AddActivatedFields < ActiveRecord::Migration[5.0] + def change + add_column :teams, :bot_user_id, :string + add_column :teams, :activated_user_id, :string + add_column :teams, :activated_user_access_token, :string + end +end diff --git a/sample_apps/sample_app_activerecord/db/schema.rb b/sample_apps/sample_app_activerecord/db/schema.rb index 6d6c44f..19640d4 100644 --- a/sample_apps/sample_app_activerecord/db/schema.rb +++ b/sample_apps/sample_app_activerecord/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20_170_307_164_946) do +ActiveRecord::Schema.define(version: 20_190_323_181_453) do # These are extensions that must be enabled in order to support this database enable_extension 'plpgsql' @@ -20,7 +20,10 @@ t.boolean 'active', default: true t.string 'domain' t.string 'token' - t.datetime 'created_at', null: false - t.datetime 'updated_at', null: false + t.datetime 'created_at', null: false + t.datetime 'updated_at', null: false + t.string 'bot_user_id' + t.string 'activated_user_id' + t.string 'activated_user_access_token' end end diff --git a/spec/api/endpoints/teams_endpoint_spec.rb b/spec/api/endpoints/teams_endpoint_spec.rb index 00fc151..d23dcfc 100644 --- a/spec/api/endpoints/teams_endpoint_spec.rb +++ b/spec/api/endpoints/teams_endpoint_spec.rb @@ -47,7 +47,16 @@ context 'register' do before do - oauth_access = { 'bot' => { 'bot_access_token' => 'token' }, 'team_id' => 'team_id', 'team_name' => 'team_name' } + oauth_access = { + 'bot' => { + 'bot_access_token' => 'token', + 'bot_user_id' => 'bot_user_id' + }, + 'access_token' => 'access_token', + 'user_id' => 'user_id', + 'team_id' => 'team_id', + 'team_name' => 'team_name' + } ENV['SLACK_CLIENT_ID'] = 'client_id' ENV['SLACK_CLIENT_SECRET'] = 'client_secret' allow_any_instance_of(Slack::Web::Client).to receive(:oauth_access).with( @@ -70,6 +79,9 @@ expect(team.name).to eq 'team_name' team = Team.find(team.id) expect(team.token).to eq 'token' + expect(team.activated_user_access_token).to eq 'access_token' + expect(team.activated_user_id).to eq 'user_id' + expect(team.bot_user_id).to eq 'bot_user_id' end.to change(Team, :count).by(1) end @@ -89,6 +101,9 @@ team = Team.find(team.id) expect(team.token).to eq 'token' expect(team.active).to be true + expect(team.activated_user_access_token).to eq 'access_token' + expect(team.activated_user_id).to eq 'user_id' + expect(team.bot_user_id).to eq 'bot_user_id' end.to_not change(Team, :count) end it 'returns a useful error when team already exists' do @@ -109,6 +124,9 @@ team = Team.find(team.id) expect(team.token).to eq 'token' expect(team.active).to be true + expect(team.activated_user_access_token).to eq 'access_token' + expect(team.activated_user_id).to eq 'user_id' + expect(team.bot_user_id).to eq 'bot_user_id' end.to_not change(Team, :count) end end diff --git a/spec/database_adapters/activerecord/schema.rb b/spec/database_adapters/activerecord/schema.rb index bf04f0f..7e2aaf8 100644 --- a/spec/database_adapters/activerecord/schema.rb +++ b/spec/database_adapters/activerecord/schema.rb @@ -6,9 +6,12 @@ create_table :teams, force: true do |t| t.string :team_id t.string :name - t.boolean :active, default: true t.string :domain t.string :token + t.string :bot_user_id + t.string :activated_user_id + t.string :activated_user_access_token + t.boolean :active, default: true t.timestamps end