Add the possibility to enable/disable default OAuths (#303)

2025-12-16 03:37:56 +01:00 · 2024-03-05 18:13:16 +01:00
parent 719f1ad4e9
commit 32d19cbe7c
31 changed files with 508 additions and 131 deletions
--- a/app/controllers/likes_controller.rb
+++ b/app/controllers/likes_controller.rb
@@ -11,7 +11,7 @@ class LikesController < ApplicationController
      .left_outer_joins(:user)
      .where(post_id: params[:post_id])

-      render json: likes
+    render json: likes
  end

  def create
--- a/app/controllers/o_auths_controller.rb
+++ b/app/controllers/o_auths_controller.rb
@@ -5,12 +5,16 @@ class OAuthsController < ApplicationController

  before_action :authenticate_admin, only: [:index, :create, :update, :destroy]

-  TOKEN_STATE_SEPARATOR = '-'
+  TOKEN_STATE_SEPARATOR = ','

  # [subdomain.]base_url/o_auths/:id/start?reason=login|test|tenantsignup
  # Generates authorize url with required parameters and redirects to provider
  def start
-    @o_auth = OAuth.unscoped.include_defaults.find(params[:id])
+    if params[:reason] == 'tenantsignup'
+      @o_auth = OAuth.include_only_defaults.find(params[:id])
+    else
+      @o_auth = OAuth.include_defaults.find(params[:id])
+    end
    
    return if params[:reason] != 'test' and not @o_auth.is_enabled?

@@ -31,15 +35,17 @@ class OAuthsController < ApplicationController
    return unless cookies[:token_state] == params[:state]
    cookies.delete(:token_state, domain: ".#{request.domain}")

-    @o_auth = OAuth.unscoped.include_defaults.find(params[:id])
+    # if it is a default oauth, tenant is not yet set
+    Current.tenant ||= Tenant.find_by(subdomain: tenant_domain)
+
+    if reason == 'tenantsignup'
+      @o_auth = OAuth.include_only_defaults.find(params[:id])
+    else
+      @o_auth = OAuth.include_defaults.find(params[:id])
+    end

    return if reason != 'test' and not @o_auth.is_enabled?

-    # If it is a default OAuth we need to set the tenant
-    if @o_auth.is_default?
-      Current.tenant = Tenant.find_by(subdomain: tenant_domain)
-    end
-
    user_profile = OAuthExchangeAuthCodeForProfileWorkflow.new(
      authorization_code: params[:code],
      o_auth: @o_auth
@@ -80,12 +86,20 @@ class OAuthsController < ApplicationController

    elsif reason == 'tenantsignup'

-      @o_auths = []
+      @o_auths = @o_auths = OAuth.unscoped.where(tenant_id: nil, is_enabled: true)
+
      @user_email = query_path_from_object(user_profile, @o_auth.json_user_email_path)
      if not @o_auth.json_user_name_path.blank?
        @user_name = query_path_from_object(user_profile, @o_auth.json_user_name_path)
      end
-      @o_auth_login_completed = true
+
+      @o_auth_login_completed = (not @user_email.blank?)
+
+      if not @o_auth_login_completed
+        flash[:alert] = I18n.t('errors.o_auth_login_error', name: @o_auth.name)
+        redirect_to signup_url
+        return
+      end

      session[:o_auth_sign_up] = "#{@user_email},#{@user_name}"

@@ -124,7 +138,9 @@ class OAuthsController < ApplicationController
  def index
    authorize OAuth

-    @o_auths = OAuth.include_defaults.order(created_at: :asc)
+    @o_auths = OAuth
+      .include_all_defaults
+      .order(tenant_id: :asc, created_at: :asc)

    render json: to_json_custom(@o_auths)
  end
@@ -175,7 +191,7 @@ class OAuthsController < ApplicationController

    def to_json_custom(o_auth)
      o_auth.as_json(
-        methods: :callback_url,
+        methods: [:callback_url, :default_o_auth_is_enabled],
        except: [:client_secret]
      )
    end
--- a/app/controllers/tenant_default_o_auths_controller.rb
+++ b/app/controllers/tenant_default_o_auths_controller.rb
@@ -0,0 +1,35 @@
+class TenantDefaultOAuthsController < ApplicationController
+  include ApplicationHelper
+
+  before_action :authenticate_admin, only: [:create, :destroy]
+
+  def create
+    enabled_default_oauth = TenantDefaultOAuth.new(o_auth_id: params[:o_auth_id])
+
+    if enabled_default_oauth.save
+      render json: {
+        id: params[:o_auth_id]
+      }, status: :created
+    else
+      render json: {
+        error: enabled_default_oauth.errors.full_messages
+      }, status: :unprocessable_entity
+    end
+  end
+
+  def destroy
+    enabled_default_oauth = TenantDefaultOAuth.find_by(o_auth_id: params[:o_auth_id])
+    
+    return if enabled_default_oauth.nil?
+
+    if enabled_default_oauth.destroy
+      render json: {
+        id: params[:o_auth_id],
+      }, status: :accepted
+    else
+      render json: {
+        error: enabled_default_oauth.errors.full_messages
+      }, status: :unprocessable_entity
+    end
+  end
+end
--- a/app/controllers/tenants_controller.rb
+++ b/app/controllers/tenants_controller.rb
@@ -5,7 +5,7 @@ class TenantsController < ApplicationController

  def new
    @page_title = "Create your feedback space"
-    @o_auths = OAuth.unscoped.where(tenant_id: nil)
+    @o_auths = OAuth.unscoped.where(tenant_id: nil, is_enabled: true)
  end

  def show
@@ -46,6 +46,9 @@ class TenantsController < ApplicationController
      @user.save!

      CreateWelcomeEntitiesWorkflow.new().run
+      OAuth.include_only_defaults.each do |o_auth|
+        TenantDefaultOAuth.create(o_auth_id: o_auth.id)
+      end

      logger.info { "New tenant registration: #{Current.tenant.inspect}" }