Skip to content

Commit

Permalink
generate and expose forwarding tokens and usernames
Browse files Browse the repository at this point in the history
  • Loading branch information
timcowlishaw committed Jul 30, 2024
1 parent 117cfdb commit 1b3a90f
Show file tree
Hide file tree
Showing 5 changed files with 100 additions and 1 deletion.
7 changes: 7 additions & 0 deletions app/models/user.rb
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ class User < ActiveRecord::Base
has_one_attached :profile_picture

before_create :generate_legacy_api_key
before_save :generate_forwarding_tokens


def self.forwarding_subscription_authorized?(token, username)
Expand Down Expand Up @@ -172,6 +173,12 @@ def generate_legacy_api_key
generate_token(:legacy_api_key, Digest::SHA1.hexdigest(SecureRandom.uuid) )
end

def generate_forwarding_tokens
if is_admin_or_researcher? && forwarding_token.blank?
regenerate_forwarding_tokens!
end
end

def generate_token(column, token=SecureRandom.urlsafe_base64)
begin
self[column] = token
Expand Down
4 changes: 4 additions & 0 deletions app/views/v0/users/_user.jbuilder
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,13 @@ authorized = current_user && current_user == user || current_user&.is_admin?
if authorized
json.merge! email: user.email
json.merge! legacy_api_key: user.legacy_api_key
json.merge! forwarding_token: user.forwarding_token
json.merge! forwarding_username: user.forwarding_username
else
json.merge! email: '[FILTERED]'
json.merge! legacy_api_key: '[FILTERED]'
json.merge! forwarding_token: '[FILTERED]'
json.merge! forwarding_username: '[FILTERED]'
end

json.devices user.devices.filter { |d|
Expand Down
10 changes: 9 additions & 1 deletion lib/tasks/users.rake
Original file line number Diff line number Diff line change
Expand Up @@ -52,4 +52,12 @@ namespace :users do
puts "Check moved devices: #{Device.count} (should be #{count_devices}, #{count_moved_devices} moved)"
puts "Check deleted users: #{User.count} (should be #{count_users - count_deleted_users}, #{count_deleted_users} deleted)"
end
end

task :generate_forwarding_tokens => :environment do
User.where("role_mask >= 4 AND forwarding_token IS NULL").each do |user|
puts "Generating tokens for user #{user.username} (role_mask: #{user.role_mask}, id: #{user.id})"
user.regenerate_forwarding_tokens!
user.save!
end
end
end
64 changes: 64 additions & 0 deletions spec/models/user_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -171,6 +171,70 @@
end
end

describe "generating forwarding tokens" do
context "on creating a new admin user" do
it "generates forwarding tokens" do
user = build(:user, role_mask: 7)
user.save!
expect(user.forwarding_token).not_to be(nil)
expect(user.forwarding_username).not_to be(nil)
end
end

context "on creating a new researcher user" do
it "generates forwarding tokens" do
user = build(:user, role_mask: 4)
user.save!
expect(user.forwarding_token).not_to be(nil)
expect(user.forwarding_username).not_to be(nil)
end
end

context "on creating a new citizen user" do
it "does not generate forwarding tokens" do
user = build(:user, role_mask: 0)
user.save!
expect(user.forwarding_token).to be(nil)
expect(user.forwarding_username).to be(nil)
end
end

context "on upgrading a user" do
context "when the user already has forwarding tokens" do
it "does not generate new tokens" do
user = build(:user, role_mask: 4)
user.save!
existing_token = user.forwarding_token
existing_username = user.forwarding_username
user.reload

user.role_mask = 7
user.save!

expect(user.forwarding_token).not_to be(nil)
expect(user.forwarding_username).not_to be(nil)

expect(user.forwarding_token).to eq(existing_token)
expect(user.forwarding_username).to eq(existing_username)
end
end

context "when the user does not have forwarding tokens" do
it "generates new tokens" do
user = build(:user, role_mask: 0)
user.save!

user.role_mask = 7
user.save!

expect(user.forwarding_token).not_to be(nil)
expect(user.forwarding_username).not_to be(nil)
end
end
end
end


describe "states" do
it "has a default active state" do
expect(user.workflow_state).to eq('active')
Expand Down
16 changes: 16 additions & 0 deletions spec/requests/v0/users_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,22 @@
expect(j['email']).to eq(user.email)
end

it "des not include the forwarding token and username by default" do
user.role_mask = 4
user.save!
j = api_get "users/testguy"
expect(j["forwarding_token"]).to eq("[FILTERED]")
expect(j["forwarding_username"]).to eq("[FILTERED]")
end

it "includes the forwarding token and username for the owner" do
user.role_mask = 4
user.save!
j = api_get "users/testguy?access_token=#{token.token}"
expect(j["forwarding_token"]).to eq(user.forwarding_token)
expect(j["forwarding_username"]).to eq(user.forwarding_username)
end

describe "device privacy" do
before do
@private_device = create(:device, owner: user, is_private: true)
Expand Down

0 comments on commit 1b3a90f

Please sign in to comment.