diff --git a/app/models/user.rb b/app/models/user.rb index d5029281..3dc5536b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -52,7 +52,7 @@ class User < ApplicationRecord # rubocop:disable Metrics/ClassLength # Technical fields validates :login_enabled, inclusion: [true, false] validate :password_when_activated? - validate :allow_tomato_sharing_valid? + validate :allow_sofia_sharing_valid? # Preferences validates :almanak_subscription_preference, presence: true, inclusion: { @@ -82,7 +82,7 @@ class User < ApplicationRecord # rubocop:disable Metrics/ClassLength scope :activated, (-> { where('activated_at < ?', Time.zone.now) }) scope :contactsync_users, (-> { where.not(webdav_secret_key: nil) }) - scope :tomato_users, (-> { where(allow_tomato_sharing: true) }) + scope :sofia_users, (-> { where(allow_sofia_sharing: true) }) scope :login_enabled, (-> { where(login_enabled: true) }) scope :sidekiq_access, (-> { where(sidekiq_access: true) }) scope :birthday, (lambda { |month = Time.zone.now.month, day = Time.zone.now.day| @@ -211,10 +211,10 @@ def password_when_activated? password_digest.blank? end - def allow_tomato_sharing_valid? - return unless allow_tomato_sharing_changed?(from: true, to: false) + def allow_sofia_sharing_valid? + return unless allow_sofia_sharing_changed?(from: true, to: false) - errors.add(:allow_tomato_sharing, + errors.add(:allow_sofia_sharing, 'before being removed from sofia your credits needs to be zero. Please ask the board to be removed from sofia.') end diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb index 147b411b..3155a41b 100644 --- a/app/policies/user_policy.rb +++ b/app/policies/user_policy.rb 
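Review bot: The `sofia_users` scope and `allow_sofia_sharing_valid?` in app/models/user.rb now read an attribute called `allow_sofia_sharing`, but no hunk visible in this diff renames the `allow_tomato_sharing` column. Unless a migration ships elsewhere, `where(allow_sofia_sharing: true)` and `allow_sofia_sharing_changed?` will fail against the existing schema. If the migration lives in another commit, say so in the description; otherwise add one, for example `rename_column :users, :allow_tomato_sharing, :allow_sofia_sharing` (assuming the conventional `users` table). The class body extends beyond these hunks, so other references to the old name may remain outside the visible lines.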
@@ -3,13 +3,13 @@ class Scope < ApplicationPolicy::Scope def resolve if user scope - elsif tomato? - scope.tomato_users + elsif sofia? + scope.sofia_users end end - def tomato? - @application&.scopes&.include? 'tomato' + def sofia? + @application&.scopes&.include?('tomato') || @application.scopes.include?('sofia') end end diff --git a/app/resources/v1/user_resource.rb b/app/resources/v1/user_resource.rb index bef3359f..4db5e959 100644 --- a/app/resources/v1/user_resource.rb +++ b/app/resources/v1/user_resource.rb @@ -6,7 +6,7 @@ class V1::UserResource < V1::ApplicationResource # rubocop:disable Metrics/Class :phone_number, :food_preferences, :vegetarian, :study, :start_study, :picture_publication_preference, :ical_secret_key, :webdav_secret_key, :password, :avatar, :avatar_url, :avatar_thumb_url, - :user_details_sharing_preference, :allow_tomato_sharing + :user_details_sharing_preference, :allow_sofia_sharing def avatar_url @model.avatar.url @@ -57,14 +57,14 @@ def fetchable_fields allowed_keys += %i[login_enabled otp_required activated_at emergency_contact emergency_number ifes_data_sharing_preference info_in_almanak almanak_subscription_preference digtus_subscription_preference - user_details_sharing_preference allow_tomato_sharing] + user_details_sharing_preference allow_sofia_sharing] end allowed_keys += %i[picture_publication_preference] if read_or_me? - if read_user_details? && !application_is_tomato? + if read_user_details? && !application_is_sofia? allowed_keys += %i[email birthday address postcode city phone_number food_preferences vegetarian study start_study] end - allowed_keys += %i[email birthday] if application_is_tomato? && @model.allow_tomato_sharing + allowed_keys += %i[email birthday] if application_is_sofia? && @model.allow_sofia_sharing super && allowed_keys end # rubocop:enable all 
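Review bot: In `sofia?` in app/policies/user_policy.rb, the second operand drops the safe navigation that the first one keeps. When `@application` is nil, `@application&.scopes&.include?('tomato')` yields nil, and `@application.scopes.include?('sofia')` then raises NoMethodError instead of letting `resolve` fall through. `resolve` calls `sofia?` whenever `user` is falsy, so a request with neither a user nor an application would presumably reach this path. Keep both checks nil-safe, e.g. `%w[tomato sofia].any? { |s| @application&.scopes&.include?(s) }`, and add a spec for the no-application case.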
@@ -76,7 +76,7 @@ def self.creatable_fields(context) # rubocop:disable Metrics/MethodLength emergency_contact emergency_number] if me?(context) attributes += %i[otp_required password - user_details_sharing_preference allow_tomato_sharing + user_details_sharing_preference allow_sofia_sharing picture_publication_preference info_in_almanak ifes_data_sharing_preference] end @@ -141,10 +141,10 @@ def read_user_details? me? || update_or_me?) end - def application_is_tomato? + def application_is_sofia? return false unless context.key?(:application) && context.fetch(:application) - context.fetch(:application).scopes.to_a.include?('tomato') + context.fetch(:application).scopes.to_a.include?('tomato') || context.fetch(:application).scopes.to_a.include?('sofia') end def update_or_me? diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 5dad1580..781e0808 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -8,7 +8,7 @@ hash_token_secrets hash_application_secrets - optional_scopes :tomato + optional_scopes :tomato, :sofia # See https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Resource-Owner-Password-Credentials-flow grant_flows %w[password authorization_code client_credentials] @@ -42,12 +42,13 @@ after_successful_authorization do |_, auth| # To SOFIA, a CodeResponse is returned if auth.auth.is_a?(Doorkeeper::OAuth::CodeResponse) - # We are only interested authorization for the tomato scope - is_tomato = auth.auth.pre_auth.scopes.include?('tomato') + # We are only interested authorization for the tomato or sofia scope + # Check if either 'tomato' or 'sofia' is included in the scopes + is_sofia = auth.auth.pre_auth.scopes.include?('tomato') || auth.auth.pre_auth.scopes.include?('sofia') user = auth.auth.pre_auth.resource_owner - if is_tomato && !user.allow_tomato_sharing - user.allow_tomato_sharing = true + if is_sofia && !user.allow_sofia_sharing + user.allow_sofia_sharing = true user.save! end end 
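Review bot: The check `include?('tomato') || include?('sofia')` is now written out three times, and nothing records why `tomato` is still accepted. It appears in `application_is_sofia?` here, in `sofia?` in app/policies/user_policy.rb, and in the `after_successful_authorization` block in config/initializers/doorkeeper.rb. These scopes gate access to `email` and `birthday`, so a single definition would make retiring the legacy name a one-line change. A shared constant such as `SOFIA_SCOPES = %w[tomato sofia].freeze` (name constructed for illustration) would do it, with the comment `# 'tomato' is the legacy name of the sofia scope; remove once no application uses it`. This method would then read `(context.fetch(:application).scopes.to_a & SOFIA_SCOPES).any?`, which also avoids calling `scopes.to_a` twice.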
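Review bot: The comment above `is_sofia` in the `after_successful_authorization` block in config/initializers/doorkeeper.rb does not say what setting `allow_sofia_sharing = true` grants. Per `fetchable_fields`, the flag exposes `email` and `birthday` to a sofia-scoped application, and `allow_sofia_sharing_valid?` rejects changing it from true back to false. Authorizing the code flow is therefore a one-way opt-in for the user. I would replace the two new comment lines with `# Authorizing the sofia (or legacy tomato) scope opts the user in to sharing email and birthday with that application; the model validation blocks switching it off again.` The block's closing lines fall outside the hunk.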
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index d4af85df..6ec8abf2 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -218,19 +218,19 @@ end end - context 'when allow_tomato_sharing is changed' do + context 'when allow_sofia_sharing is changed' do context 'from nil to false' do - let(:user) { create(:user, allow_tomato_sharing: nil) } + let(:user) { create(:user, allow_sofia_sharing: nil) } - before { user.allow_tomato_sharing = false } + before { user.allow_sofia_sharing = false } it { expect(user).to be_valid } end context 'from true to false' do - let(:user) { create(:user, allow_tomato_sharing: true) } + let(:user) { create(:user, allow_sofia_sharing: true) } - before { user.allow_tomato_sharing = false } + before { user.allow_sofia_sharing = false } it { expect(user).not_to be_valid } end @@ -333,10 +333,10 @@ end end - describe '.tomato_users' do + describe '.sofia_users' do it do - expect { create(:user, allow_tomato_sharing: true) }.to( - change { described_class.tomato_users.count }.by(1) + expect { create(:user, allow_sofia_sharing: true) }.to( + change { described_class.sofia_users.count }.by(1) ) end end diff --git a/spec/policies/user_policy_spec.rb b/spec/policies/user_policy_spec.rb index 96f239fd..6af41db9 100644 --- a/spec/policies/user_policy_spec.rb +++ b/spec/policies/user_policy_spec.rb 
@@ -16,19 +16,32 @@ it { expect(policy).to permit(user, create(:user)) } end - describe 'when with tomato application' do - let(:application) { Doorkeeper::Application.create(name: 'Tomato', scopes: 'tomato') } + describe 'when with sofia application' do + let(:application) { Doorkeeper::Application.create(name: 'Sofia', scopes: 'sofia') } it do expect(policy).to permit(application, - create(:user, allow_tomato_sharing: true)) + create(:user, allow_sofia_sharing: true)) end it do expect(policy).not_to permit(application, - create(:user, allow_tomato_sharing: false)) + create(:user, allow_sofia_sharing: false)) end end + describe 'when with old sofia application' do + let(:application) { Doorkeeper::Application.create(name: 'Old Sofia', scopes: 'tomato') } + + it do + expect(policy).to permit(application, + create(:user, allow_sofia_sharing: true)) + end + + it do + expect(policy).not_to permit(application, + create(:user, allow_sofia_sharing: false)) + end + end end permissions :update? do diff --git a/spec/resources/v1/user_resource_spec.rb b/spec/resources/v1/user_resource_spec.rb index 019c25a7..17966104 100644 --- a/spec/resources/v1/user_resource_spec.rb +++ b/spec/resources/v1/user_resource_spec.rb @@ -15,7 +15,7 @@ %i[login_enabled otp_required activated_at emergency_contact emergency_number ifes_data_sharing_preference info_in_almanak almanak_subscription_preference digtus_subscription_preference - user_details_sharing_preference allow_tomato_sharing] + user_details_sharing_preference allow_sofia_sharing] end let(:read_fields) do %i[picture_publication_preference] @@ -24,7 +24,7 @@ %i[email birthday address postcode city phone_number food_preferences vegetarian study start_study] end - let(:tomato_fields) do + let(:sofia_fields) do %i[email birthday] end let(:another_user) { create(:user, user_details_sharing_preference: 'hidden') } 
@@ -110,17 +110,17 @@ it { expect(resource.fetchable_fields).to match_array(basic_fields) } - context 'when with tomato scope' do - let(:application) { create(:application, scopes: 'public tomato') } + context 'when with sofia scope' do + let(:application) { create(:application, scopes: 'public sofia') } context 'when without allowance' do it { expect(resource.fetchable_fields).to match_array(basic_fields) } end context 'when with allowance' do - let(:another_user) { create(:user, allow_tomato_sharing: true) } + let(:another_user) { create(:user, allow_sofia_sharing: true) } - it { expect(resource.fetchable_fields).to match_array(basic_fields + tomato_fields) } + it { expect(resource.fetchable_fields).to match_array(basic_fields + sofia_fields) } end end end @@ -141,7 +141,7 @@ user_permissions login_enabled] end let(:current_user_fields) do - %i[otp_required password user_details_sharing_preference allow_tomato_sharing + %i[otp_required password user_details_sharing_preference allow_sofia_sharing info_in_almanak ifes_data_sharing_preference picture_publication_preference] end
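Review bot: Changing the application to `scopes: 'public sofia'` in the `fetchable_fields` context removes this spec's only coverage of the legacy `tomato` scope, which `application_is_sofia?` still accepts. Add a sibling context with `let(:application) { create(:application, scopes: 'public tomato') }` that asserts the same `basic_fields` result without allowance and `basic_fields + sofia_fields` with it. That mirrors the 'when with old sofia application' group added to the policy spec. Without it, a later change to the scope check could drop or widen legacy access to `email` and `birthday` without any test failing.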