Merge remote-tracking branch 'origin/master' into log-bounced-emails

This commit is contained in:
Karl Erik Õunapuu 2020-10-27 11:34:19 +02:00
commit fc34105c40
No known key found for this signature in database
GPG key ID: C9DD647298A34764
70 changed files with 791 additions and 4967 deletions

View file

@ -0,0 +1,52 @@
require 'serializers/registrant_api/company'
module Api
module V1
module Registrant
class CompaniesController < ::Api::V1::Registrant::BaseController
MAX_LIMIT = 200
MIN_OFFSET = 0
def index
result = error_result('limit') if limit > MAX_LIMIT || limit < 1
result = error_result('offset') if offset < MIN_OFFSET
result ||= companies_result(limit, offset)
render result
end
def current_user_companies
[:ok, current_registrant_user.companies]
rescue CompanyRegister::NotAvailableError
[:service_unavailable, []]
end
def limit
(params[:limit] || MAX_LIMIT).to_i
end
def offset
(params[:offset] || MIN_OFFSET).to_i
end
def error_result(attr_name)
{ json: { errors: [{ attr_name.to_sym => ['parameter is out of range'] }] },
status: :bad_request }
end
def companies_result(limit, offset)
status, all_companies = current_user_companies
@companies = all_companies.drop(offset).first(limit)
serialized_companies = @companies.map do |item|
country_code = current_registrant_user.country.alpha3
serializer = ::Serializers::RegistrantApi::Company.new(company: item,
country_code: country_code)
serializer.to_json
end
{ json: { companies: serialized_companies }, status: status }
end
end
end
end
end

View file

@ -91,7 +91,7 @@ module Api
private
def current_user_contacts
current_registrant_user.contacts
current_registrant_user.contacts(representable: false)
rescue CompanyRegister::NotAvailableError
current_registrant_user.direct_contacts
end

View file

@ -343,7 +343,9 @@ module Epp
end
def epp_session_id
cookies[:session] # Passed by mod_epp https://github.com/mod-epp/mod-epp#requestscript-interface
# Passed by EPP proxy
# https://github.com/internetee/epp_proxy#translation-of-epp-calls
cookies[:session]
end
def ensure_session_id_passed

View file

@ -1,81 +1,6 @@
class Registrant::SessionsController < Devise::SessionsController
layout 'registrant/application'
def login_mid
@user = User.new
end
def mid
phone = params[:user][:phone]
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.logger = Rails.application.config.logger unless Rails.env.test?
# country_codes = {'+372' => 'EST'}
response = client.authenticate(
phone: "+372#{phone}",
message_to_display: 'Authenticating',
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
)
if response.faultcode
render json: { message: response.detail.message }, status: :unauthorized
return
end
@user = RegistrantUser.find_or_create_by_mid_data(response)
if @user.persisted?
session[:user_country] = response.user_country
session[:user_id_code] = response.user_id_code
session[:mid_session_code] = client.session_code
render json: {
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
}, status: :ok
else
render json: { message: t(:no_such_user) }, status: :unauthorized
end
end
def mid_status
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.logger = Rails.application.config.logger unless Rails.env.test?
client.session_code = session[:mid_session_code]
auth_status = client.authentication_status
case auth_status.status
when 'OUTSTANDING_TRANSACTION'
render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
when 'USER_AUTHENTICATED'
@user = RegistrantUser.find_by(registrant_ident: "#{session[:user_country]}-#{session[:user_id_code]}")
sign_in(:registrant_user, @user)
flash[:notice] = t(:welcome)
flash.keep(:notice)
render js: "window.location = '#{registrant_root_path}'"
when 'NOT_VALID'
render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
when 'EXPIRED_TRANSACTION'
render json: { message: t(:session_timeout) }, status: :bad_request
when 'USER_CANCEL'
render json: { message: t(:user_cancelled) }, status: :bad_request
when 'MID_NOT_READY'
render json: { message: t(:mid_not_ready) }, status: :bad_request
when 'PHONE_ABSENT'
render json: { message: t(:phone_absent) }, status: :bad_request
when 'SENDING_ERROR'
render json: { message: t(:sending_error) }, status: :bad_request
when 'SIM_ERROR'
render json: { message: t(:sim_error) }, status: :bad_request
when 'INTERNAL_ERROR'
render json: { message: t(:internal_error) }, status: :bad_request
else
render json: { message: t(:internal_error) }, status: :bad_request
end
end
private
def after_sign_in_path_for(_resource_or_scope)

View file

@ -49,102 +49,6 @@ class Registrar
end
end
def id_card
self.resource = warden.authenticate!(auth_options)
restricted_ip = Authorization::RestrictedIP.new(request.ip)
ip_allowed = restricted_ip.can_access_registrar_area?(resource.registrar)
unless ip_allowed
render plain: t('registrar.authorization.ip_not_allowed', ip: request.ip)
warden.logout(:registrar_user)
return
end
set_flash_message!(:notice, :signed_in)
sign_in(resource_name, resource)
yield resource if block_given?
respond_with resource, location: after_sign_in_path_for(resource)
end
def login_mid
@user = User.new
end
def mid
phone = params[:user][:phone]
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.logger = Rails.application.config.logger unless Rails.env.test?
# country_codes = {'+372' => 'EST'}
phone.gsub!('+372', '')
response = client.authenticate(
phone: "+372#{phone}",
message_to_display: 'Authenticating',
service_name: ENV['sk_digi_doc_service_name'] || 'Testing'
)
if response.faultcode
render json: { message: response.detail.message }, status: :unauthorized
return
end
if Setting.registrar_ip_whitelist_enabled
@user = find_user_by_idc_and_allowed(response.user_id_code)
else
@user = find_user_by_idc(response.user_id_code)
end
if @user.persisted?
session[:user_id_code] = response.user_id_code
session[:mid_session_code] = client.session_code
render json: {
message: t(:confirmation_sms_was_sent_to_your_phone_verification_code_is, { code: response.challenge_id })
}, status: :ok
else
render json: { message: t(:no_such_user) }, status: :unauthorized
end
end
def mid_status
endpoint = "#{ENV['sk_digi_doc_service_endpoint']}"
client = Digidoc::Client.new(endpoint)
client.logger = Rails.application.config.logger unless Rails.env.test?
client.session_code = session[:mid_session_code]
auth_status = client.authentication_status
case auth_status.status
when 'OUTSTANDING_TRANSACTION'
render json: { message: t(:check_your_phone_for_confirmation_code) }, status: :ok
when 'USER_AUTHENTICATED'
@user = find_user_by_idc_and_allowed(session[:user_id_code])
sign_in(:registrar_user, @user)
flash[:notice] = t(:welcome)
flash.keep(:notice)
render js: "window.location = '#{after_sign_in_path_for(@user)}'"
when 'NOT_VALID'
render json: { message: t(:user_signature_is_invalid) }, status: :bad_request
when 'EXPIRED_TRANSACTION'
render json: { message: t(:session_timeout) }, status: :bad_request
when 'USER_CANCEL'
render json: { message: t(:user_cancelled) }, status: :bad_request
when 'MID_NOT_READY'
render json: { message: t(:mid_not_ready) }, status: :bad_request
when 'PHONE_ABSENT'
render json: { message: t(:phone_absent) }, status: :bad_request
when 'SENDING_ERROR'
render json: { message: t(:sending_error) }, status: :bad_request
when 'SIM_ERROR'
render json: { message: t(:sim_error) }, status: :bad_request
when 'INTERNAL_ERROR'
render json: { message: t(:internal_error) }, status: :bad_request
else
render json: { message: t(:internal_error) }, status: :bad_request
end
end
private
def depp_controller?

View file

@ -0,0 +1,40 @@
module Sso
class TaraController < ApplicationController
skip_authorization_check
def registrant_callback
user = RegistrantUser.find_or_create_by_omniauth_data(user_hash)
callback(user, registrar: false)
end
def registrar_callback
user = ApiUser.from_omniauth(user_hash)
callback(user, registrar: true)
end
# rubocop:disable Style/AndOr
def callback(user, registrar: true)
session[:omniauth_hash] = user_hash
(show_error(registrar: registrar) and return) unless user
flash[:notice] = t(:signed_in_successfully)
sign_in_and_redirect(registrar ? :registrar_user : :registrant_user, user)
end
# rubocop:enable Style/AndOr
def cancel
redirect_to root_path, notice: t(:sign_in_cancelled)
end
def show_error(registrar: true)
path = registrar ? new_registrar_user_session_url : new_registrant_user_session_url
redirect_to path, alert: t(:no_such_user)
end
private
def user_hash
request.env['omniauth.auth']
end
end
end