External account integration modularized & app_settings.yml variables…

… renamed
reddragon · Jul 6, 2010 · 4496f92 · 4496f92
1 parent 69c6f75
commit 4496f92
Show file tree

Hide file tree

Showing 15 changed files with 77 additions and 85 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -24,6 +24,7 @@ class ApplicationController < ActionController::Base
   protect_from_forgery # See ActionController::RequestForgeryProtection for details
   include AuthenticatedSystem
   include AccessControl
+  include ExternalAccountSystem
 
   # Scrub sensitive parameters from your log
   # Filter the password and password_confirmation

diff --git a/app/controllers/calendar_controller.rb b/app/controllers/calendar_controller.rb
@@ -9,7 +9,7 @@ def index
   end
 
   def dates
-    @mode = APP_CONFIG['fsocmode']
+    @mode = APP_CONFIG['fsoc_mode']
     if @mode == "Summer Coding"
       @pct_from = (APP_CONFIG['pct_from']).to_formatted_s(:long)
       @pct_to = (APP_CONFIG['pct_to']).to_formatted_s(:long)

diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
@@ -102,7 +102,7 @@ def configure
     end
 
     app_settings = AppSetting.find(:all)
-    if APP_CONFIG['fsocmode'] == "Summer Coding"
+    if APP_CONFIG['fsoc_mode'] == "Summer Coding"
       if app_settings.empty?
         flash[:notice] = 'FSoC is in Summer Coding mode, but Timeframes 
          have not yet been set.'

diff --git a/app/controllers/proposals_controller.rb b/app/controllers/proposals_controller.rb
@@ -139,7 +139,7 @@ def reject
   def signoff
     @proposal = Proposal.find(params[:id])  
     if can_signoff_proposal?(@proposal)
-      if APP_CONFIG['fsocmode'] == "Year Round"
+      if APP_CONFIG['fsoc_mode'] == "Year Round"
         @proposal.update_attributes(:status => 'signed_off')
       else
         @proposal.update_attributes(:status => 'admin_sign_off_pending')

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -17,7 +17,7 @@
 
 # This controller handles the login/logout function of the site.  
 class SessionsController < ApplicationController
-
+  include ExternalAccountSystem
   # render new.rhtml
   def new
   end

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -57,11 +57,11 @@ def create
     logout_keeping_session!
     @user = User.new(params[:user])
     @user.user_type = 'admin' if User.first.nil?
-    if APP_CONFIG['authviascript']
-      response = system("#{APP_CONFIG['scriptcommand']} #{@user.login} #{@user.password}")
+    if APP_CONFIG['auth_via_script']
+      response = authenticated_externally?(@user.login, @user.password)
       if !response
         flash[:notice] = "Your username and password do not correspond to\
-          a valid account at #{APP_CONFIG['accountsystem']}."
+          a valid account at #{APP_CONFIG['account_system']}."
         render :action => 'new'
       else
         success = @user && @user.save

diff --git a/app/models/user.rb b/app/models/user.rb
@@ -21,6 +21,7 @@ class User < ActiveRecord::Base
   include Authentication
   include Authentication::ByPassword
   include Authentication::ByCookieToken
+  include ExternalAccountSystem
 
   validates_presence_of     :login
   validates_length_of       :login,    :within => 3..40
@@ -62,9 +63,9 @@ class User < ActiveRecord::Base
   def self.authenticate(login, password)
     return nil if login.blank? || password.blank?
     u = find_by_login(login.downcase) # need to get the salt
-    if APP_CONFIG['authviascript'] == true
-      response = system("#{APP_CONFIG['scriptcommand']} #{login} #{password}")
-      u && response ? u : nil
+    if APP_CONFIG['auth_via_script'] == true
+      #response = current_user.login
+      u && u.authenticated_externally?(login, password) ? u : nil
     else
       u && u.authenticated?(password) ? u : nil
     end  

diff --git a/app/views/dashboard/configure.html.haml b/app/views/dashboard/configure.html.haml
@@ -25,12 +25,12 @@
 
 %h3
   FSoC is currently in
-  = APP_CONFIG['fsocmode']
+  = APP_CONFIG['fsoc_mode']
   mode
   %br
 %br
 %br
-  - if APP_CONFIG['fsocmode'] == "Summer Coding"
+  - if APP_CONFIG['fsoc_mode'] == "Summer Coding"
     - form_tag :action => "set_timeframes" do
       %h3
         Project Creation Timeframe

diff --git a/app/views/proposals/certificate.pdf.prawn b/app/views/proposals/certificate.pdf.prawn
@@ -39,14 +39,14 @@ require "prawn/core"
     pdf.text "For successfully completing the project\n\
       #{@proposal.project.name}", \
       :align => :center, :size => 20
-    pdf.text "in the #{APP_CONFIG['programname']} program.", \
+    pdf.text "in the #{APP_CONFIG['program_name']} program.", \
       :align => :center, :size => 20
 
     #pdf.move_down 80
     pdf.draw_text "#{@proposal.project.mentor.name}", :size => 15, :at => [20, 20]
-    pdf.draw_text "#{APP_CONFIG['adminname']}", :size => 15, :at => [550,20]
+    pdf.draw_text "#{APP_CONFIG['admin_name']}", :size => 15, :at => [550,20]
     #pdf.move_down 5
     pdf.draw_text "Mentor", :at => [20, 10]
-    pdf.draw_text "#{APP_CONFIG['admindesignation']}", :at => [550, 10] 
+    pdf.draw_text "#{APP_CONFIG['admin_designation']}", :at => [550, 10] 
 
   end
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
@@ -25,10 +25,10 @@
 
     <p style="color: red"><%= flash[:error] %></p>
     <% form_tag session_path do -%>
-    <% if APP_CONFIG['authviascript'] == true %>
+    <% if APP_CONFIG['auth_via_script'] == true %>
       <small>Please use your
-        <a href = <%= "#{APP_CONFIG['accountsystemuri']}" %> > 
-          <%= APP_CONFIG['accountsystem'] %> 
+        <a href = <%= "#{APP_CONFIG['account_system_uri']}" %> > 
+          <%= APP_CONFIG['account_system'] %> 
         </a>
         login which is registered with us.</small>
     <% end %>

diff --git a/app/views/users/new.html.erb b/app/views/users/new.html.erb
@@ -23,10 +23,10 @@
 	<div style="clear: both;">&nbsp;</div>
 	<div class="entry">
     <% @user.password = @user.password_confirmation = nil %>
-     <% if APP_CONFIG['authviascript'] == true %>
+     <% if APP_CONFIG['auth_via_script'] == true %>
       <small>Please first register with
-        <a href = <%= "#{APP_CONFIG['accountsystemuri']}" %> > 
-          <%= APP_CONFIG['accountsystem'] %> 
+        <a href = <%= "#{APP_CONFIG['account_system_uri']}" %> > 
+          <%= APP_CONFIG['account_system'] %> 
         </a>and use the registered login here.</small>
     <% end %>
     

diff --git a/config/app_settings.yml b/config/app_settings.yml
@@ -1,15 +1,14 @@
-programname: Fedora Summer Coding 2010
-adminname: Karsten Wade
-admindesignation: Program Administrator
+program_name: Fedora Summer Coding 2010
+admin_name: Karsten Wade
+admin_designation: Program Administrator
 
-fsocmode: Summer Coding
+fsoc_mode: Summer Coding
 
-authviascript: true
-scriptcommand: ruby lib/checkpassword.rb
-accountsystem: Fedora Account System
-accountsystemuri: https://admin.fedoraproject.org/accounts
+auth_via_script: true
+script_command: ruby lib/checkpassword.rb
+account_system: Fedora Account System
+account_system_uri: https://admin.fedoraproject.org/accounts
 
-timeframesset: false
 pct_from:
 pct_to:
 pst_from:

diff --git a/lib/access_control.rb b/lib/access_control.rb
@@ -20,8 +20,9 @@ module AccessControl
 
   protected
     def within_timeframe?(timeframe)
-      APP_CONFIG['fsocmode'] == "Year Round" || (APP_CONFIG[timeframe + "_from"] <= DateTime.now and DateTime.now <= APP_CONFIG[timeframe + "_to"]) 
+      APP_CONFIG['fsoc_mode'] == "Year Round" || (APP_CONFIG[timeframe + "_from"] <= DateTime.now and DateTime.now <= APP_CONFIG[timeframe + "_to"]) 
     end
+
     #user specific
     def mentor?(user = current_user)
       if user == current_user

diff --git a/lib/checkpassword.rb b/lib/checkpassword.rb
diff --git a/lib/external_account_system.rb b/lib/external_account_system.rb
@@ -0,0 +1,44 @@
+# Copyright (C) 2010 Shreyank Gupta <sgupta@REDHAT.COM>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+module ExternalAccountSystem
+  #Contains methods that links FSoC with an external account system
+
+  #This method is called to validate the username/password pair
+  def authenticated_externally?(username, password)
+    fas_url = "https://admin.fedoraproject.org/accounts/home"
+
+    curlobj = Curl::Easy.new(fas_url)
+
+    pf_login = Curl::PostField.content('login', 'Login')
+    pf_username = Curl::PostField.content('user_name', username)
+    pf_password = Curl::PostField.content('password', password)
+
+    curlobj.http_post(pf_login, pf_username, pf_password)
+
+    if curlobj.response_code == 200
+      return true
+    else
+      return false
+    end
+  end
+
+  def self.included(base)
+      if base.respond_to? :helper_method
+        base.send :helper_method, :authenticated_externally?
+      end
+  end
+end