refac: Use sinatra instead of Roda. Add more specs

Author: Jurgens du Toit

Rakefile

@@ -1,6 +1,7 @@
 require 'rubygems'
 require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
+require 'proxes/rake_tasks'
 
 RSpec::Core::RakeTask.new(:spec)
 

Vagrantfile

@@ -2,7 +2,7 @@
 # vi: set ft=ruby :
 
 Vagrant.configure(2) do |config|
-  config.vm.box = "ubuntu/trusty64"
+  config.vm.box = "ubuntu/xenial64"
 
   config.vm.network :private_network, ip: '172.16.248.110'
 
@@ -16,7 +16,7 @@ Vagrant.configure(2) do |config|
     sudo apt-get install -y screen curl git build-essential libssl-dev
 
     # Ruby
-    sudo apt-get install ruby2.0
+    sudo apt-get install -y ruby2.3 ruby2.3-dev
     # if [ ! -f /home/vagrant/.rvm/scripts/rvm ]
     # then
     #     gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
@@ -27,7 +27,7 @@ Vagrant.configure(2) do |config|
     # Ruby and it's Gems
     cd /vagrant
     # rvm use $(cat .ruby-version) --install
-    gem install bundler --no-rdoc --no-ri
+    sudo gem install bundler --no-rdoc --no-ri
     bundle install
 
     # Node

config.ru

@@ -2,48 +2,61 @@
 libdir = File.expand_path(File.dirname(__FILE__) + '/lib')
 $LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
 
+raise 'Unconfigured' unless ENV['ELASTICSEARCH_URL']
+
 require 'proxes'
 require 'proxes/db'
 
-raise 'Unconfigured' unless ENV['ELASTICSEARCH_URL']
-
 use Rack::Static, urls: ['/assets'], root: 'public'
-
-use Rack::Session::Pool
-# use Rack::Session::Cookie,
-#   :key => '_ProxES_session',
-#   #:secure=>!TEST_MODE, # Uncomment if only allowing https:// access
-#   :secret=>File.read('.session_secret')
+use Rack::MethodOverride
+use Rack::Session::Cookie,
+  :key => '_ProxES_session',
+  #:secure=>!TEST_MODE, # Uncomment if only allowing https:// access
+  :secret=>File.read('.session_secret')
 
 require 'omniauth'
 require 'omniauth-identity'
+require 'proxes/controllers/auth_identity'
 # OmniAuth.config.test_mode = true
-
 use OmniAuth::Builder do
   # The identity provider is used by the App.
   provider :identity,
     fields: [:username],
+    callback_path: '/_proxes/auth/identity/callback',
     model: ProxES::Identity,
-    on_login: ProxES::Security,
-    on_registration: ProxES::Security,
+    on_login: ProxES::AuthIdentity,
+    on_registration: ProxES::AuthIdentity,
     locate_conditions: lambda{|req| {username: req['username']} }
 end
-
-OmniAuth.config.on_failure = Proc.new { |env|
-  OmniAuth::FailureEndpoint.new(env).redirect_to_failure
-}
+OmniAuth.config.on_failure = ProxES::AuthIdentity
 
 require 'warden'
 require 'proxes/strategies/jwt_token'
 use Warden::Manager do |manager|
   manager.default_strategies :jwt_token
   manager.scope_defaults :default, action: '_proxes/unauthenticated'
-  manager.failure_app = ProxES::Security
+  manager.failure_app = ProxES::App
 end
-
 Warden::Manager.serialize_into_session { |user| user.id }
 Warden::Manager.serialize_from_session { |id| ProxES::User[id] }
 
+# Management App
+require 'proxes/controllers'
+
+map '/_proxes' do
+  {
+    '/users' => ProxES::Users,
+    '/user-roles' => ProxES::UserRoles,
+  }.each do |route, app|
+    map route do
+      run app
+    end
+  end
+
+  run ProxES::App
+end
+
+
 # Proxy all Elasticsearch requests
 map '/' do
   # Security
@@ -52,8 +65,3 @@ map '/' do
   # Forward requests to ES
   run Rack::Proxy.new(backend: ENV['ELASTICSEARCH_URL'])
 end
-
-# Management App
-map '/_proxes' do
-  run ProxES::App
-end

lib/proxes.rb

@@ -1,5 +1,3 @@
 require 'proxes/version'
-require 'proxes/base'
 require 'proxes/app'
 require 'proxes/security'
-require 'proxes/es_request'

lib/proxes/app.rb

@@ -1,28 +1,49 @@
-require 'proxes/base'
-require 'proxes/routes'
+require 'proxes/controllers/application'
 
 module ProxES
   # Manage your Elasticsearch cluster, user and user sessions
-  class App < ProxES::Base
-    plugin :multi_route
+  class App < Application
+    get '/' do
+      authenticate!
+      haml :index
+    end
 
-    def logger
-      require 'logger'
-      @logger ||= Logger.new($stdout)
+    ['/unauthenticated', '/_proxes/unauthenticated'].each do |path|
+      get path do
+        redirect '/auth/identity'
+      end
     end
 
-    def root_url
-      @root_url = opts[:root_url] || '/_proxes'
+    post '/auth/identity/new' do
+      identity = Identity.new(params['identity'])
+      if identity.valid? && identity.save
+        flash[:info] = 'Successfully Registered. Please log in'
+        redirect '/auth/identity'
+      else
+        flash.now[:warning] = 'Could not complete the registration. Please try again.'
+        view 'security/register', locals: { identity: identity }
+      end
     end
 
-    route do |r|
-      r.multi_route
+    post '/auth/identity/callback' do
+      user = User.find_or_create(email: env['omniauth.auth']['info']['email'])
+      user.add_user_role role: 'user' unless user.has_role? 'user'
+      user.add_user_role(role: 'super_admin') if (user.id == 1 && user.has_role?('super_admin') == false)
 
-      r.get do
-        authenticate!
+      identity = Identity.find(username: user.email)
+      user.add_identity identity unless identity.user == user
 
-        view 'index'
-      end
+      set_user user
+      flash[:success] = 'Logged In'
+      redirect '/_proxes'
+    end
+
+    delete '/auth/identity' do
+      logout
+
+      flash[:info] = 'Logged Out'
+
+      redirect '/_proxes'
     end
   end
 end

lib/proxes/base.rb

@@ -0,0 +1,2 @@
+require 'proxes/controllers/users'
+require 'proxes/controllers/user_roles'

lib/proxes/controllers.rb

@@ -0,0 +1,39 @@
+require 'sinatra/base'
+require 'sinatra/flash'
+require 'proxes/helpers/views'
+require 'proxes/helpers/pundit'
+require 'proxes/helpers/authentication'
+
+module ProxES
+  class Application < Sinatra::Base
+    set :root, ::File.expand_path(::File.dirname(__FILE__) + '/../../../')
+    register Sinatra::Flash
+    helpers ProxES::Helpers::Pundit, ProxES::Helpers::Views, ProxES::Helpers::Authentication
+
+    configure :production do
+      disable :show_exceptions
+    end
+
+    configure :development do
+      set :show_exceptions, :after_handler
+    end
+
+    configure :production, :development do
+      enable :logging
+    end
+
+    not_found do
+      haml :'404', locals: { title: '4 oh 4' }
+    end
+
+    error do
+      error = env['sinatra.error']
+      haml :error, locals: { title: 'Something went wrong', message: error }
+    end
+
+    error ::Pundit::NotAuthorizedError do
+      flash[:warning] = 'Please log in first.'
+      redirect '/auth/identity'
+    end
+  end
+end

lib/proxes/controllers/application.rb

@@ -0,0 +1,20 @@
+require 'proxes/controllers/application'
+
+module ProxES
+  class AuthIdentity < Application
+    get '/auth/identity' do
+      haml :'identity/login', locals: { title: 'Log In' }
+    end
+
+    # Failed Login
+    post '/_proxes/auth/identity/callback' do
+      flash[:warning] = 'Invalid credentials. Please try again.'
+      redirect '/auth/identity'
+    end
+
+    get '/auth/identity/register' do
+      identity = Identity.new
+      haml :'identity/register', locals: { title: 'Register', identity: identity }
+    end
+  end
+end