Skip to content

Commit

Permalink
Introduce 'authorized' configuration option for services
Browse files Browse the repository at this point in the history 
Since the Facebook API has changed and additional permissions are required for all users on a pod to cross-post, an additional 'authorized' flag is needed to be set for the Facebook service.
This flag allows either all users, one user or no users to use the cross-posting service.

Clarifies the situation for diaspora#5923, diaspora#5260 and diaspora#5085.
  • Loading branch information
@jaywink
jaywink committed May 24, 2015
1 parent 5a3b62d commit 778e321
Show file tree
Hide file tree
Showing 8 changed files with 189 additions and 75 deletions.
6 changes: 3 additions & 3 deletions app/presenters/statistics_presenter.rb
View file
Expand Up @@ -98,7 +98,7 @@ def local_comments
def all_services_helper
result = {}
Configuration::KNOWN_SERVICES.each {|service, options|
result[service.to_s] = AppConfig["services.#{service}.enable"]
result[service.to_s] = AppConfig.show_service?(service, nil)
}
result
end
Expand All @@ -109,13 +109,13 @@ def all_services

def available_services
Configuration::KNOWN_SERVICES.select {|service|
AppConfig["services.#{service}.enable"]
AppConfig.show_service?(service, nil)
}.map(&:to_s)
end

def legacy_services
Configuration::KNOWN_SERVICES.each_with_object({}) {|service, result|
result[service.to_s] = AppConfig["services.#{service}.enable"]
result[service.to_s] = AppConfig.show_service?(service, nil)
}
end

Expand Down
25 changes: 13 additions & 12 deletions app/views/services/_add_remove_services.haml
View file
Expand Up @@ -4,19 +4,20 @@
- if AppConfig.configured_services.count > 0
- AppConfig.configured_services.each do |provider|
%h3= t("services.provider.#{provider}")
- services_for_provider = @services.select{|x| x.provider == provider.to_s}
- if services_for_provider.count > 0
- services_for_provider.each do |service|
!= t("services.index.logged_in_as", nickname: content_tag(:strong, service.nickname ))
= link_to t("services.index.disconnect"),
service_path(service),
data: { confirm: t("services.index.really_disconnect", service: t("services.provider.#{provider}")) },
method: :delete
- if AppConfig.show_service?(provider, current_user)
%h3= t("services.provider.#{provider}")
- services_for_provider = @services.select{|x| x.provider == provider.to_s}
- if services_for_provider.count > 0
- services_for_provider.each do |service|
!= t("services.index.logged_in_as", nickname: content_tag(:strong, service.nickname ))
= link_to t("services.index.disconnect"),
service_path(service),
data: { confirm: t("services.index.really_disconnect", service: t("services.provider.#{provider}")) },
method: :delete

- else
= t("services.index.not_logged_in")
= link_to(t("services.index.connect"), "/auth/#{provider}")
- else
= t("services.index.not_logged_in")
= link_to(t("services.index.connect"), "/auth/#{provider}")

- else
.well
Expand Down
5 changes: 3 additions & 2 deletions app/views/shared/_right_sections.html.haml
View file
Expand Up @@ -57,8 +57,9 @@

#right_service_icons
- AppConfig.configured_services.each do |service|
- unless current_user.services.any?{|x| x.provider == service}
= link_to(content_tag(:div, nil, :class => "social_media_logos-#{service.to_s.downcase}-24x24", :title => service.to_s.titleize), "/auth/#{service}")
- if AppConfig.show_service?(service, current_user)
- unless current_user.services.any?{|x| x.provider == service}
= link_to(content_tag(:div, nil, :class => "social_media_logos-#{service.to_s.downcase}-24x24", :title => service.to_s.titleize), "/auth/#{service}")

.section
.title
Expand Down
5 changes: 5 additions & 0 deletions config/defaults.yml
View file
Expand Up @@ -146,18 +146,22 @@ defaults:
app_id:
secret:
open_graph_namespace: 'joindiaspora'
authorized: false
twitter:
enable: false
key:
secret:
authorized: true
tumblr:
enable: false
key:
secret:
authorized: true
wordpress:
enable: false
key:
secret:
authorized: true
mail:
enable: false
sender_address: 'no-reply@example.org'
Expand Down Expand Up @@ -211,6 +215,7 @@ test:
enable: true
app_id: 'fake'
secret: 'sdoigjosdfijg'
authorized: true
mail:
enable: true
integration1:
Expand Down
7 changes: 7 additions & 0 deletions config/diaspora.yml.example
View file
Expand Up @@ -536,6 +536,13 @@ configuration: ## Section
#app_id: 'abcdef'
#secret: 'change_me'

## This setting is required to define whether the Facebook app has permissions to post
## false == No permissions (default)
## true == Permissions for all users to post. App MUST have 'publish_actions' approved by Facebook!
## "username" == Set to local username to allow a single user to cross-post. The person who has created
## the Facebook app will always be able to cross-post, even without 'publish_actions'.
#authorized: false

## OAuth credentials for Twitter
twitter: ## Section

Expand Down
7 changes: 7 additions & 0 deletions lib/configuration_methods.rb
View file
Expand Up @@ -34,6 +34,13 @@ def configured_services
end
attr_writer :configured_services

def show_service?(service, user)
return false unless self["services.#{service}.enable"]
# Return true only if 'authorized' is true or equal to user username
(user && self["services.#{service}.authorized"] == user.username) ||
self["services.#{service}.authorized"] == true
end

def secret_token
if heroku?
return ENV['SECRET_TOKEN'] if ENV['SECRET_TOKEN']
Expand Down
71 changes: 52 additions & 19 deletions spec/lib/configuration_methods_spec.rb
View file
Expand Up @@ -8,40 +8,40 @@
extend Configuration::Methods
end
end

describe "#pod_uri" do
before do
@settings.environment.url = nil
@settings.instance_variable_set(:@pod_uri, nil)
end

it "properly parses the pod url" do
@settings.environment.url = "http://example.org/"
expect(@settings.pod_uri.scheme).to eq("http")
expect(@settings.pod_uri.host).to eq("example.org")
end

it "adds a trailing slash if there isn't one" do
@settings.environment.url = "http://example.org"
expect(@settings.pod_uri.to_s).to eq("http://example.org/")
end

it "does not add an extra trailing slash" do
@settings.environment.url = "http://example.org/"
expect(@settings.pod_uri.to_s).to eq("http://example.org/")
end

it "adds http:// on the front if it's missing" do
@settings.environment.url = "example.org/"
expect(@settings.pod_uri.to_s).to eq("http://example.org/")
end

it "does not add a prefix if there already is https:// on the front" do
@settings.environment.url = "https://example.org/"
expect(@settings.pod_uri.to_s).to eq("https://example.org/")
end
end

describe "#bare_pod_uri" do
it 'is #pod_uri.authority stripping www.' do
pod_uri = double
Expand All @@ -50,7 +50,7 @@
expect(@settings.bare_pod_uri).to eq('example.org')
end
end

describe "#configured_services" do
it "includes the enabled services only" do
services = double
Expand All @@ -69,7 +69,40 @@
expect(@settings.configured_services).not_to include :wordpress
end
end


describe "#show_service" do
before do
AppConfig.services.twitter.authorized = true
AppConfig.services.twitter.enable = true
AppConfig.services.facebook.authorized = true
AppConfig.services.facebook.enable = true
AppConfig.services.wordpress.authorized = false
AppConfig.services.wordpress.enable = true
AppConfig.services.tumblr.authorized = "alice"
AppConfig.services.tumblr.enable = true
end

it "shows service with no authorized key" do
expect(AppConfig.show_service?("twitter", bob)).to be_truthy
end

it "shows service with authorized key true" do
expect(AppConfig.show_service?("facebook", bob)).to be_truthy
end

it "doesn't show service with authorized key false" do
expect(AppConfig.show_service?("wordpress", bob)).to be_falsey
end

it "doesn't show service with authorized key not equal to username" do
expect(AppConfig.show_service?("tumblr", bob)).to be_falsey
end

it "shows service with authorized key equal to username" do
expect(AppConfig.show_service?("tumblr", alice)).to be_truthy
end
end

describe "#version_string" do
before do
@version = double
Expand All @@ -83,61 +116,61 @@
it "includes the version" do
expect(@settings.version_string).to include @version.number
end

context "with git available" do
before do
allow(@settings).to receive(:git_available?).and_return(true)
allow(@settings).to receive(:git_revision).and_return("1234567890")
end

it "includes the 'patchlevel'" do
expect(@settings.version_string).to include "-p#{@settings.git_revision[0..7]}"
expect(@settings.version_string).not_to include @settings.git_revision[0..8]
end
end
end

describe "#get_redis_options" do
context "with REDISTOGO_URL set" do
before do
ENV["REDISTOGO_URL"] = "redis://myserver"
end

it "uses that" do
expect(@settings.get_redis_options[:url]).to match "myserver"
end
end

context "with REDIS_URL set" do
before do
ENV["REDISTOGO_URL"] = nil
ENV["REDIS_URL"] = "redis://yourserver"
end

it "uses that" do
expect(@settings.get_redis_options[:url]).to match "yourserver"
end
end

context "with redis set" do
before do
ENV["REDISTOGO_URL"] = nil
ENV["REDIS_URL"] = nil
@settings.environment.redis = "redis://ourserver"
end

it "uses that" do
expect(@settings.get_redis_options[:url]).to match "ourserver"
end
end

context "with a unix socket set" do
before do
ENV["REDISTOGO_URL"] = nil
ENV["REDIS_URL"] = nil
@settings.environment.redis = "unix:///tmp/redis.sock"
end

it "uses that" do
expect(@settings.get_redis_options[:url]).to match "/tmp/redis.sock"
end
Expand Down

0 comments on commit 778e321

Please sign in to comment.