Remove code related to Launchpad auth or 37id Users

This commit is contained in:
Mike Dalessio
2025-09-30 13:03:08 -04:00
parent 7129b711f1
commit 47370084d2
23 changed files with 55 additions and 371 deletions
+9 -38
View File
@@ -40,45 +40,16 @@ def create_tenant(signal_account_name, bare: false)
end
def find_or_create_user(full_name, email_address)
if Rails.application.config.x.local_authentication
if user = User.find_by(email_address: email_address)
user.password = "secret123456"
user.save!
user
else
User.create!(
name: full_name,
email_address: email_address,
password: "secret123456"
)
end
if user = User.find_by(email_address: email_address)
user.password = "secret123456"
user.save!
user
else
SignalId::Database.on_master do
unless signal_identity = SignalId::Identity.find_by_email_address(email_address)
signal_identity = SignalId::Identity.create!(
name: full_name,
email_address: email_address,
username: email_address,
password: "secret123456"
)
end
signal_account = Account.sole.external_account
signal_user = SignalId::User.find_or_create_by!(identity: signal_identity, account: signal_account)
if user = User.find_by(external_user_id: signal_user.id)
user.password = "secret123456"
user.save!
user
else
User.create!(
external_user_id: signal_user.id,
name: signal_identity.name,
email_address: signal_identity.email_address,
password: "secret123456"
)
end
end
User.create!(
name: full_name,
email_address: email_address,
password: "secret123456"
)
end
end
@@ -1,14 +0,0 @@
module Sessions
module SignalSessions
extend ActiveSupport::Concern
included do
before_action :require_local_auth, only: %i[ new create ]
end
private
def require_local_auth
head :forbidden
end
end
end
@@ -1,23 +0,0 @@
class Sessions::LaunchpadController < ApplicationController
require_unauthenticated_access
before_action :require_sig
def show
end
def update
user = Account.sole.external_account.authenticate(sig: @sig).try(:peer)
if user.present? && user.active?
start_new_session_for user
redirect_to after_authentication_url
else
render plain: "Authentication failed. This is probably a bug.", status: :unauthorized
end
end
private
def require_sig
@sig = params.expect(:sig)
end
end
@@ -1,15 +0,0 @@
module LoginHelper
module SignalLogin
def login_url
if ApplicationRecord.current_tenant
Launchpad.login_url(product: true, account: Account.sole)
else
Launchpad.login_url(product: true)
end
end
def logout_url
Launchpad.logout_url
end
end
end
@@ -20,9 +20,8 @@ module Account::SignalAccount
User.create!(
name: account.external_account.owner.name,
email_address: account.external_account.owner.email_address,
external_user_id: account.external_account.owner.id,
role: "admin",
password: SecureRandom.hex(36) # TODO: remove password column?
password: SecureRandom.hex(16)
)
end
end
@@ -1,19 +0,0 @@
module User::SignalUser
extend ActiveSupport::Concern
prepended do
# the external_user_id is the SignalId::User id
belongs_to :external_user, dependent: :destroy, class_name: "SignalId::User", optional: true
end
class_methods do
def find_by_signal_user_id(signal_user_id)
find_by(external_user_id: signal_user_id)
end
end
def deactivate
super
SignalId::Database.on_master { external_user&.destroy }
end
end
-6
View File
@@ -1,10 +1,4 @@
Fizzy::Saas::Engine.routes.draw do
resource :session do
scope module: "sessions" do
resource :launchpad, only: %i[ show update ], controller: "launchpad"
end
end
namespace :signup do
get "/" => "accounts#new"
resources :accounts, only: %i[ new create ]
-4
View File
@@ -5,10 +5,7 @@ module Fizzy
class Engine < ::Rails::Engine
# extend application models
config.to_prepare do
User.prepend User::SignalUser
Account.prepend Account::SignalAccount
LoginHelper.prepend LoginHelper::SignalLogin
SessionsController.include Sessions::SignalSessions
end
# moved from config/initializers/queenbee.rb
@@ -39,7 +36,6 @@ module Fizzy
silence_warnings do
SignalId::Account::Peer = Account
SignalId::User::Peer = User
end
end
@@ -1,17 +0,0 @@
require "test_helper"
class ControllerAuthenticationTest < ActionDispatch::IntegrationTest
test "access without an account slug redirects to launchpad" do
integration_session.default_url_options[:script_name] = "" # no tenant
get cards_path
assert_redirected_to Launchpad.login_url(product: true)
end
test "access with an account slug but no session redirects to launchpad" do
get cards_path
assert_redirected_to Launchpad.login_url(product: true, account: Account.sole)
end
end
@@ -1,38 +0,0 @@
require "test_helper"
class Sessions::LaunchpadControllerTest < ActionDispatch::IntegrationTest
test "show renders when not signed in" do
get saas.session_launchpad_path(params: { sig: "test-sig" })
assert_response :success
assert_select "form input#sig" do |node|
assert_equal node.length, 1
assert_equal node.first["value"], "test-sig"
end
end
test "create establishes a session when the sig is valid" do
user = users(:david)
put saas.session_launchpad_path(params: { sig: user.external_user.perishable_signature })
assert_redirected_to root_url
assert parsed_cookies.signed[:session_token]
end
test "create checks user.active?" do
user = users(:david)
user.update! active: false
put saas.session_launchpad_path(params: { sig: user.external_user.perishable_signature })
assert_response :unauthorized
end
test "returns 401 when the sig is invalid" do
put saas.session_launchpad_path(params: { sig: "invalid" })
assert_response :unauthorized
end
end
@@ -1,24 +0,0 @@
require "test_helper"
class SessionsControllerTest < ActionDispatch::IntegrationTest
test "destroy" do
sign_in_as :kevin
delete session_path
assert_redirected_to Launchpad.logout_url
assert_not cookies[:session_token].present?
end
test "new" do
get new_session_path
assert_response :forbidden
end
test "create" do
post session_path, params: { email_address: "david@37signals.com", password: "secret123456" }
assert_response :forbidden
end
end
@@ -18,7 +18,7 @@ class Account::SignalAccountTest < ActiveSupport::TestCase
assert_equal @account, @account.external_account.peer
end
test ".create_with_admin_user creates a new local account and user peers" do
test ".create_with_admin_user creates a new local account" do
ApplicationRecord.create_tenant("account-create-with-dependents") do
signal_account = signal_accounts(:honcho_fizzy)
account = Account.create_with_admin_user(tenant_id: signal_account.queenbee_id)
@@ -32,11 +32,9 @@ class Account::SignalAccountTest < ActiveSupport::TestCase
assert_equal 1, User.count
User.first.tap do |user|
assert signal_account.owner.name, user.name
assert signal_account.owner.email_address, user.email_address
assert signal_account.owner.id, user.external_user_id
assert_equal signal_account.owner.name, user.name
assert_equal signal_account.owner.email_address, user.email_address
assert_equal "admin", user.role
assert_equal user, signal_account.owner.peer
end
end
end
@@ -42,7 +42,6 @@ class SignupTest < ActiveSupport::TestCase
assert @signup.user
assert @signup.user.persisted?
assert_equal @signup.user.external_user, @signup.signal_account.owner
assert_equal @signup.queenbee_account.id.to_s, @signup.tenant_name
assert_includes ApplicationRecord.tenants, @signup.tenant_name
@@ -86,7 +85,6 @@ class SignupTest < ActiveSupport::TestCase
assert @signup.user
assert @signup.user.persisted?
assert_equal @signup.user.external_user, @signup.signal_account.owner
assert_equal @signup.queenbee_account.id.to_s, @signup.tenant_name
assert_includes ApplicationRecord.tenants, @signup.tenant_name
@@ -1,22 +0,0 @@
require "test_helper"
class User::SignalUserTest < ActiveSupport::TestCase
setup do
@user = users(:david)
end
test "belongs to a Signal::User" do
assert_not_nil @user.external_user_id
assert_equal signal_users("37s_fizzy_david"), @user.external_user
end
test "peering" do
assert_equal @user, @user.external_user.peer
end
test "deactivate clears signal user" do
users(:jz).deactivate
assert_nil users(:jz).reload.external_user
end
end
-4
View File
@@ -4,10 +4,6 @@ require "queenbee/testing/mocks"
module ActiveSupport
class TestCase
include SignalId::Testing
def saas_extension_sign_in_as(user)
put saas.session_launchpad_path, params: { sig: user.external_user.perishable_signature }
end
end
end
+14 -30
View File
@@ -2,41 +2,25 @@
require_relative "../config/environment"
if ARGV.length < 2
puts "Usage: #{$0} <email> <tenant>"
if ARGV.length < 3
puts "Usage: #{$0} <tenant> <email> <fullname>"
exit 1
end
email_address = ARGV[0]
tenant = ARGV[1]
tenant = ARGV.shift
email_address = ARGV.shift
name = ARGV.join(" ")
def confirm(noun)
print "Is this the correct #{noun}? (y/n) "
response = $stdin.gets.chomp.downcase
exit 0 unless response == "y"
puts
end
signal_identity = SignalId::Identity.find_by!(email_address: email_address)
pp signal_identity
confirm "identity"
ApplicationRecord.with_tenant(tenant) do
signal_account = Account.sole.external_account
pp signal_account
confirm "account"
SignalId::Database.on_master do
signal_user = SignalId::User.create!(identity: signal_identity, account: signal_account)
user = User.create!(
name: signal_user.name,
email_address: signal_user.email_address,
external_user_id: signal_user.id,
password: SecureRandom.hex(36) # TODO: remove password column?
)
begin
ApplicationRecord.with_tenant(tenant) do
password = SecureRandom.hex(16)
user = User.create!(name:, email_address:, password:)
puts "Created: "
pp [ user, signal_user ]
pp user
puts "Password is: #{password.inspect}"
end
rescue Exception => e
puts "Failed with error: #{e.inspect}"
end
-1
View File
@@ -34,7 +34,6 @@ ActiveRecord::Tenanted::DatabaseTasks.migrate_all
ApplicationRecord.with_tenant(signup.tenant_name) do |tenant|
Account.sole.update! external_account: signup.signal_account
User.first.update! external_user: signup.signal_account.owner
puts "\n\nLogin to http://launchpad.localhost:3011/ as #{signup.email_address} / #{signup.password}"
end
@@ -1,21 +0,0 @@
#!/usr/bin/env ruby
require_relative "../config/environment"
ApplicationRecord.with_each_tenant do |tenant|
account = Account.sole
signal_account = account.signal_account
signal_users = SignalId::User.where(account_id: signal_account.id)
signal_users.each do |signal_user|
unless User.find_by(signal_user_id: signal_user.id)
User.create!(
name: signal_user.identity.name,
email_address: signal_user.identity.email_address,
signal_user_id: signal_user.id,
password: SecureRandom.hex(36) # TODO: remove password column?
)
end
end
end
-41
View File
@@ -1,41 +0,0 @@
#!/usr/bin/env ruby
#
# this is intended to copy a production database into beta, change the account id, and stitch the
# user accounts together properly.
#
require_relative "../config/environment"
ActiveRecord::Base.logger = Logger.new(File::NULL)
ApplicationRecord.with_each_tenant do |tenant|
puts "\n# tenant: #{tenant}"
signal_account = SignalId::Account.find_by!(queenbee_id: tenant)
puts "Found signal account #{signal_account.inspect}"
account = Account.sole
if account.tenant_id != tenant
puts "setting account tenant_id to #{tenant}"
account.update!(tenant_id: tenant, name: account.name + " (Beta)")
end
User.find_each do |user|
next if user.system? || user.external_user_id.nil?
signal_user = user.external_user
next if signal_user.nil?
next if signal_user.account == account.external_account
signal_identity = signal_user.identity
pp signal_identity
SignalId::Database.on_master do
signal_user = SignalId::User.find_or_create_by!(identity: signal_identity, account: signal_account)
puts "Created signal user #{signal_user.inspect} for identity #{signal_identity.inspect}"
user.external_user_id = signal_user.id
user.save!
end
end
end
@@ -1,20 +1,18 @@
require "test_helper"
class ControllerAuthenticationTest < ActionDispatch::IntegrationTest
if Rails.application.config.x.local_authentication
test "access without an account slug redirects to new session" do
integration_session.default_url_options[:script_name] = "" # no tenant
test "access without an account slug redirects to new session" do
integration_session.default_url_options[:script_name] = "" # no tenant
get cards_path
get cards_path
assert_redirected_to new_session_path
end
assert_redirected_to new_session_path
end
test "access with an account slug but no session redirects to new session" do
get cards_path
test "access with an account slug but no session redirects to new session" do
get cards_path
assert_redirected_to new_session_path
end
assert_redirected_to new_session_path
end
test "access with an account slug and a session allows functional access" do
+19 -21
View File
@@ -1,34 +1,32 @@
require "test_helper"
class SessionsControllerTest < ActionDispatch::IntegrationTest
if Rails.application.config.x.local_authentication
test "destroy" do
sign_in_as :kevin
test "destroy" do
sign_in_as :kevin
delete session_path
delete session_path
assert_redirected_to new_session_path
assert_not cookies[:session_token].present?
end
assert_redirected_to new_session_path
assert_not cookies[:session_token].present?
end
test "new" do
get new_session_path
test "new" do
get new_session_path
assert_response :success
end
assert_response :success
end
test "create with valid credentials" do
post session_path, params: { email_address: "david@37signals.com", password: "secret123456" }
test "create with valid credentials" do
post session_path, params: { email_address: "david@37signals.com", password: "secret123456" }
assert_redirected_to root_path
assert cookies[:session_token].present?
end
assert_redirected_to root_path
assert cookies[:session_token].present?
end
test "create with invalid credentials" do
post session_path, params: { email_address: "david@37signals.com", password: "wrong" }
test "create with invalid credentials" do
post session_path, params: { email_address: "david@37signals.com", password: "wrong" }
assert_redirected_to new_session_path
assert_not cookies[:session_token].present?
end
assert_redirected_to new_session_path
assert_not cookies[:session_token].present?
end
end
-9
View File
@@ -5,27 +5,18 @@ david:
email_address: david@37signals.com
password_digest: <%= digest %>
role: member
<% if User.reflect_on_association :external_user %>
external_user: 37s_fizzy_david
<% end %>
jz:
name: JZ
email_address: jz@37signals.com
password_digest: <%= digest %>
role: member
<% if User.reflect_on_association :external_user %>
external_user: 37s_fizzy_jzimdars
<% end %>
kevin:
name: Kevin
email_address: kevin@37signals.com
password_digest: <%= digest %>
role: admin
<% if User.reflect_on_association :external_user %>
external_user: 37s_fizzy_kevin
<% end %>
system:
name: System
+1 -5
View File
@@ -7,11 +7,7 @@ module SessionTestHelper
cookies.delete :session_token
user = users(user) unless user.is_a? User
if Rails.application.config.x.local_authentication
post session_path, params: { email_address: user.email_address, password: "secret123456" }
else
saas_extension_sign_in_as(user)
end
post session_path, params: { email_address: user.email_address, password: "secret123456" }
cookie = cookies.get_cookie "session_token"
assert_not_nil cookie, "Expected session_token cookie to be set after sign in"