Release v0.16.0.pre (#33)

* Add shop registration

* Update version

* Update controller template

* Update engine.rb

* Fix some offenses

* Update error handling in authentications controller. Rename files

* Delete unused files. Update install generator

* Add mounting_path config

* Rename functions and variables

* Fix rubocop offenses

* Fix rubocop offenses

* Fix rubocop offenses

* Fix rubocop todo

.rubocop_todo.yml

@@ -1,28 +1,48 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2020-05-18 14:45:00 +0200 using RuboCop version 0.83.0.
+# on 2020-06-26 09:07:55 UTC using RuboCop version 0.86.0.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 5
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, IndentationWidth.
+# SupportedStyles: aligned, indented
+Layout/MultilineOperationIndentation:
+  Exclude:
+    - 'app/form_builders/beyond_canvas/form_builder.rb'
+
+# Offense count: 1
+Lint/UriEscapeUnescape:
+  Exclude:
+    - 'app/controllers/concerns/beyond_canvas/request_validation.rb'
+
+# Offense count: 6
 # Configuration parameters: IgnoredMethods.
 Metrics/AbcSize:
+  Max: 30
+
+# Offense count: 1
+# Configuration parameters: CountComments, ExcludedMethods.
+# ExcludedMethods: refine
+Metrics/BlockLength:
   Max: 28
 
-# Offense count: 2
+# Offense count: 4
 # Configuration parameters: CountComments, ExcludedMethods.
 Metrics/MethodLength:
   Max: 18
 
-# Offense count: 2
+# Offense count: 3
 Rails/OutputSafety:
   Exclude:
     - 'app/form_builders/beyond_canvas/form_builder.rb'
     - 'config/initializers/beyond_canvas/form_utils.rb'
 
 # Offense count: 1
+# Cop supports --auto-correct.
 # Configuration parameters: Include.
 # Include: **/Rakefile, **/*.rake
 Rails/RakeEnvironment:

CHANGELOG.md

@@ -1,3 +1,9 @@
+### v0.16.0.pre
+
+* features
+  * Add shop authentication functionality
+  * Add generators to create a model for authentication, controllers and views
+
 ### v0.15.3.pre
 
 * bug-fixes

Gemfile.lock

@@ -1,8 +1,10 @@
 PATH
   remote: .
   specs:
-    beyond_canvas (0.15.3.pre)
-      beyond_api (~> 0.8)
+    beyond_canvas (0.16.0.pre)
+      attr_encrypted (~> 3.1)
+      beyond_api (~> 0.11)
+      blind_index (~> 1.0)
       bourbon (~> 5.1)
       colorize (~> 0.8)
       http-accept (~> 2.1)
@@ -15,39 +17,47 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (6.0.3.1)
-      actionpack (= 6.0.3.1)
-      actionview (= 6.0.3.1)
-      activejob (= 6.0.3.1)
+    actionmailer (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      actionview (= 6.0.3.2)
+      activejob (= 6.0.3.2)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.0.3.1)
-      actionview (= 6.0.3.1)
-      activesupport (= 6.0.3.1)
+    actionpack (6.0.3.2)
+      actionview (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
       rack (~> 2.0, >= 2.0.8)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (6.0.3.1)
-      activesupport (= 6.0.3.1)
+    actionview (6.0.3.2)
+      activesupport (= 6.0.3.2)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.0.3.1)
-      activesupport (= 6.0.3.1)
+    activejob (6.0.3.2)
+      activesupport (= 6.0.3.2)
       globalid (>= 0.3.6)
-    activesupport (6.0.3.1)
+    activesupport (6.0.3.2)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
       zeitwerk (~> 2.2, >= 2.2.2)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
-    ast (2.4.0)
+    argon2 (2.0.2)
+      ffi (~> 1.9)
+      ffi-compiler (>= 0.1)
+    ast (2.4.1)
+    attr_encrypted (3.1.0)
+      encryptor (~> 3.0.0)
     beyond_api (0.11.1.pre)
       faraday (~> 0.15)
+    blind_index (1.0.2)
+      activesupport (>= 5)
+      argon2 (>= 2)
     bourbon (5.1.0)
       sass (~> 3.4)
       thor (~> 0.19)
@@ -57,15 +67,19 @@ GEM
     crass (1.0.6)
     css_parser (1.7.1)
       addressable
+    encryptor (3.0.0)
     erubi (1.9.0)
     faraday (0.17.3)
       multipart-post (>= 1.2, < 3)
     ffi (1.13.1)
+    ffi-compiler (1.0.1)
+      ffi (>= 1.0.0)
+      rake
     globalid (0.4.2)
       activesupport (>= 4.2.0)
     htmlentities (4.3.4)
     http-accept (2.1.1)
-    i18n (1.8.2)
+    i18n (1.8.3)
       concurrent-ruby (~> 1.0)
     inline_svg (1.7.1)
       activesupport (>= 3.0)
@@ -86,9 +100,9 @@ GEM
     multipart-post (2.1.1)
     nokogiri (1.10.9)
       mini_portile2 (~> 2.4.0)
-    parallel (1.19.1)
-    parser (2.7.1.2)
-      ast (~> 2.4.0)
+    parallel (1.19.2)
+    parser (2.7.1.4)
+      ast (~> 2.4.1)
     premailer (1.11.1)
       addressable
       css_parser (>= 1.6.0)
@@ -97,17 +111,17 @@ GEM
       actionmailer (>= 3)
       premailer (~> 1.7, >= 1.7.9)
     public_suffix (4.0.5)
-    rack (2.2.2)
+    rack (2.2.3)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.3.0)
       loofah (~> 2.3)
-    railties (6.0.3.1)
-      actionpack (= 6.0.3.1)
-      activesupport (= 6.0.3.1)
+    railties (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.20.3, < 2.0)
@@ -116,18 +130,23 @@ GEM
     rb-fsevent (0.10.4)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
+    regexp_parser (1.7.1)
     rexml (3.2.4)
-    rubocop (0.83.0)
+    rubocop (0.86.0)
       parallel (~> 1.10)
       parser (>= 2.7.0.1)
       rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.7)
       rexml
+      rubocop-ast (>= 0.0.3, < 1.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-rails (2.5.2)
-      activesupport
+    rubocop-ast (0.0.3)
+      parser (>= 2.7.0.1)
+    rubocop-rails (2.6.0)
+      activesupport (>= 4.2.0)
       rack (>= 1.1)
-      rubocop (>= 0.72.0)
+      rubocop (>= 0.82.0)
     ruby-progressbar (1.10.1)
     sass (3.7.4)
       sass-listen (~> 4.0.0)

README.md

@@ -37,12 +37,6 @@
     //= require beyond_canvas
     ```
 
-1. Mount the engine in your routes file:
-
-    ```ruby
-    mount BeyondCanvas::Engine => "/<your-mounting-path>"
-    ```
-
 1. Run the generator:
 
     ```bash

app/controllers/beyond_canvas/authentications_controller.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+require_dependency 'beyond_canvas/application_controller'
+
+module BeyondCanvas
+  class AuthenticationsController < ApplicationController # :nodoc:
+    layout 'beyond_canvas/public'
+
+    include ::BeyondCanvas::Authentication
+    include ::BeyondCanvas::ResourceManagement
+
+    before_action :validate_app_installation_request!, only: :new
+
+    def new
+      self.resource = resource_class.new
+    end
+
+    def create
+      # Search for the api url. If there is no record it creates a new record.
+      resource_params = new_resource_params
+      self.resource = resource_class.find_or_create_by(beyond_api_url: resource_params[:api_url])
+      # Assign the attributes to the record
+      raise ActiveRecord::RecordNotSaved unless resource.update(resource_params)
+      # Get and save access_token and refresh_token using the authentication code
+      raise BeyondApi::Error if resource.authenticate.is_a?(BeyondApi::Error)
+
+      redirect_to after_create_path
+    rescue ActiveRecord::RecordNotSaved, BeyondApi::Error, StandardError => e
+      logger.error "[BeyondCanvas] #{e.message}".red
+      send "handle_#{e.class.name.split('::').first.underscore}_exception", e
+    end
+
+    def update
+      create
+    end
+
+    private
+
+    def new_resource_params
+      send "new_#{resource_name}_params"
+    end
+
+    def after_create_path
+      new_resource_params[:return_url]
+    end
+
+    def handle_active_record_exception(_exception)
+      flash[:error] = t('beyond_canvas.authentications.failure')
+      render :new
+    end
+
+    def handle_beyond_api_exception(_exception)
+      flash[:error] = t('beyond_canvas.authentications.failure')
+      render :new
+    end
+
+    def handle_standard_error_exception(_exception)
+      flash[:error] = t('beyond_canvas.authentications.failure')
+      render :new
+    end
+  end
+end

app/controllers/concerns/beyond_canvas/authentication.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module BeyondCanvas
+  module Authentication # :nodoc:
+    extend ActiveSupport::Concern
+    AUTH_RESOURCE = BeyondCanvas.auth_model
+
+    class_eval <<-METHODS, __FILE__, __LINE__ + 1
+      def current_#{AUTH_RESOURCE}
+        instance_variable_get("@#{AUTH_RESOURCE}")
+      end
+
+      def new_#{AUTH_RESOURCE}_params
+        beyond_canvas_parameter_sanitizer.sanitize
+      end
+    METHODS
+
+    private
+
+    def beyond_canvas_parameter_sanitizer
+      @beyond_canvas_parameter_sanitizer ||= BeyondCanvas::ParameterSanitizer.new(AUTH_RESOURCE, params)
+    end
+  end
+end

app/controllers/concerns/beyond_canvas/resource_management.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module BeyondCanvas
+  module ResourceManagement # :nodoc:
+    extend ActiveSupport::Concern
+
+    included do
+      # Share some methods defined in the controller to make them available for the view
+      if respond_to?(:helper_method)
+        helpers = %w[resource resource_name resource_class]
+        helper_method(*helpers)
+      end
+    end
+
+    protected
+
+    def resource_name
+      BeyondCanvas.auth_model
+    end
+
+    def resource
+      instance_variable_get(:"@#{resource_name}")
+    end
+
+    def resource=(new_resource)
+      instance_variable_set(:"@#{resource_name}", new_resource)
+    end
+
+    def resource_class
+      resource_name.classify.constantize
+    end
+  end
+end

app/views/beyond_canvas/authentications/new.html.erb

@@ -0,0 +1,18 @@
+<div class='card card--padding'>
+
+  <%= form_for(resource, as: resource_name) do |f| %>
+
+    <h2 class='card__headline'>Install <%= BeyondCanvas.configuration.site_title %> in your shop</h2>
+
+    <%= f.hidden_field :code,             value: params[:code] || resource.code %>
+    <%= f.hidden_field :signature,        value: params[:signature] || resource.signature %>
+    <%= f.hidden_field :return_url,       value: params[:return_url] || resource.return_url %>
+    <%= f.hidden_field :api_url,          value: params[:api_url] || resource.api_url %>
+    <%= f.hidden_field :access_token_url, value: params[:access_token_url] || resource.access_token_url %>
+
+    <div class='form__actions--spaced'>
+      <%= f.button 'Save', type: :submit, class: 'button__solid--primary' %>
+    </div>
+
+  <% end %>
+</div>

beyond_canvas.gemspec

@@ -26,7 +26,9 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '>= 2.5'
 
-  spec.add_dependency 'beyond_api',      '~> 0.8'
+  spec.add_dependency 'attr_encrypted',  '~> 3.1'
+  spec.add_dependency 'beyond_api',      '~> 0.11'
+  spec.add_dependency 'blind_index',     '~> 1.0'
   spec.add_dependency 'bourbon',         '~> 5.1'
   spec.add_dependency 'colorize',        '~> 0.8'
   spec.add_dependency 'http-accept',     '~> 2.1'

config/locales/en.yml

@@ -0,0 +1,4 @@
+en:
+  beyond_canvas:
+    authentications:
+      failure: Shop could not be saved