From 47370084d2a7aff99efc96f4fbca78d518b8830c Mon Sep 17 00:00:00 2001 From: Mike Dalessio Date: Tue, 30 Sep 2025 13:03:08 -0400 Subject: [PATCH] Remove code related to Launchpad auth or 37id Users --- db/seeds.rb | 47 ++++--------------- .../concerns/sessions/signal_sessions.rb | 14 ------ .../sessions/launchpad_controller.rb | 23 --------- .../app/helpers/login_helper/signal_login.rb | 15 ------ .../app/models/account/signal_account.rb | 3 +- .../fizzy-saas/app/models/user/signal_user.rb | 19 -------- gems/fizzy-saas/config/routes.rb | 6 --- gems/fizzy-saas/lib/fizzy/saas/engine.rb | 4 -- .../controller_authentication_test.rb | 17 ------- .../sessions/launchpad_controller_test.rb | 38 --------------- .../controllers/sessions_controller_test.rb | 24 ---------- .../models/account/signal_account_test.rb | 8 ++-- gems/fizzy-saas/test/models/signup_test.rb | 2 - .../test/models/user/signal_user_test.rb | 22 --------- gems/fizzy-saas/test/test_helper.rb | 4 -- script/create-new-user.rb | 44 ++++++----------- script/load-prod-db-in-dev.rb | 1 - .../migrations/create-accounts-in-staging.rb | 21 --------- script/stitch-signal-id-accounts.rb | 41 ---------------- .../controller_authentication_test.rb | 18 ++++--- test/controllers/sessions_controller_test.rb | 40 ++++++++-------- test/fixtures/users.yml | 9 ---- test/test_helpers/session_test_helper.rb | 6 +-- 23 files changed, 55 insertions(+), 371 deletions(-) delete mode 100644 gems/fizzy-saas/app/controllers/concerns/sessions/signal_sessions.rb delete mode 100644 gems/fizzy-saas/app/controllers/sessions/launchpad_controller.rb delete mode 100644 gems/fizzy-saas/app/helpers/login_helper/signal_login.rb delete mode 100644 gems/fizzy-saas/app/models/user/signal_user.rb delete mode 100644 gems/fizzy-saas/test/controllers/controller_authentication_test.rb delete mode 100644 gems/fizzy-saas/test/controllers/sessions/launchpad_controller_test.rb delete mode 100644 gems/fizzy-saas/test/controllers/sessions_controller_test.rb delete mode 100644 gems/fizzy-saas/test/models/user/signal_user_test.rb delete mode 100755 script/migrations/create-accounts-in-staging.rb delete mode 100755 script/stitch-signal-id-accounts.rb diff --git a/db/seeds.rb b/db/seeds.rb index 74a616684..98954991d 100644 --- a/db/seeds.rb +++ b/db/seeds.rb @@ -40,45 +40,16 @@ def create_tenant(signal_account_name, bare: false) end def find_or_create_user(full_name, email_address) - if Rails.application.config.x.local_authentication - if user = User.find_by(email_address: email_address) - user.password = "secret123456" - user.save! - user - else - User.create!( - name: full_name, - email_address: email_address, - password: "secret123456" - ) - end + if user = User.find_by(email_address: email_address) + user.password = "secret123456" + user.save! + user else - SignalId::Database.on_master do - unless signal_identity = SignalId::Identity.find_by_email_address(email_address) - signal_identity = SignalId::Identity.create!( - name: full_name, - email_address: email_address, - username: email_address, - password: "secret123456" - ) - end - - signal_account = Account.sole.external_account - signal_user = SignalId::User.find_or_create_by!(identity: signal_identity, account: signal_account) - - if user = User.find_by(external_user_id: signal_user.id) - user.password = "secret123456" - user.save! - user - else - User.create!( - external_user_id: signal_user.id, - name: signal_identity.name, - email_address: signal_identity.email_address, - password: "secret123456" - ) - end - end + User.create!( + name: full_name, + email_address: email_address, + password: "secret123456" + ) end end diff --git a/gems/fizzy-saas/app/controllers/concerns/sessions/signal_sessions.rb b/gems/fizzy-saas/app/controllers/concerns/sessions/signal_sessions.rb deleted file mode 100644 index 8d22dd8b7..000000000 --- a/gems/fizzy-saas/app/controllers/concerns/sessions/signal_sessions.rb +++ /dev/null @@ -1,14 +0,0 @@ -module Sessions - module SignalSessions - extend ActiveSupport::Concern - - included do - before_action :require_local_auth, only: %i[ new create ] - end - - private - def require_local_auth - head :forbidden - end - end -end diff --git a/gems/fizzy-saas/app/controllers/sessions/launchpad_controller.rb b/gems/fizzy-saas/app/controllers/sessions/launchpad_controller.rb deleted file mode 100644 index 8c15ef596..000000000 --- a/gems/fizzy-saas/app/controllers/sessions/launchpad_controller.rb +++ /dev/null @@ -1,23 +0,0 @@ -class Sessions::LaunchpadController < ApplicationController - require_unauthenticated_access - - before_action :require_sig - - def show - end - - def update - user = Account.sole.external_account.authenticate(sig: @sig).try(:peer) - if user.present? && user.active? - start_new_session_for user - redirect_to after_authentication_url - else - render plain: "Authentication failed. This is probably a bug.", status: :unauthorized - end - end - - private - def require_sig - @sig = params.expect(:sig) - end -end diff --git a/gems/fizzy-saas/app/helpers/login_helper/signal_login.rb b/gems/fizzy-saas/app/helpers/login_helper/signal_login.rb deleted file mode 100644 index 69185e9c6..000000000 --- a/gems/fizzy-saas/app/helpers/login_helper/signal_login.rb +++ /dev/null @@ -1,15 +0,0 @@ -module LoginHelper - module SignalLogin - def login_url - if ApplicationRecord.current_tenant - Launchpad.login_url(product: true, account: Account.sole) - else - Launchpad.login_url(product: true) - end - end - - def logout_url - Launchpad.logout_url - end - end -end diff --git a/gems/fizzy-saas/app/models/account/signal_account.rb b/gems/fizzy-saas/app/models/account/signal_account.rb index 358f390a4..f117347dd 100644 --- a/gems/fizzy-saas/app/models/account/signal_account.rb +++ b/gems/fizzy-saas/app/models/account/signal_account.rb @@ -20,9 +20,8 @@ module Account::SignalAccount User.create!( name: account.external_account.owner.name, email_address: account.external_account.owner.email_address, - external_user_id: account.external_account.owner.id, role: "admin", - password: SecureRandom.hex(36) # TODO: remove password column? + password: SecureRandom.hex(16) ) end end diff --git a/gems/fizzy-saas/app/models/user/signal_user.rb b/gems/fizzy-saas/app/models/user/signal_user.rb deleted file mode 100644 index 8657c20ad..000000000 --- a/gems/fizzy-saas/app/models/user/signal_user.rb +++ /dev/null @@ -1,19 +0,0 @@ -module User::SignalUser - extend ActiveSupport::Concern - - prepended do - # the external_user_id is the SignalId::User id - belongs_to :external_user, dependent: :destroy, class_name: "SignalId::User", optional: true - end - - class_methods do - def find_by_signal_user_id(signal_user_id) - find_by(external_user_id: signal_user_id) - end - end - - def deactivate - super - SignalId::Database.on_master { external_user&.destroy } - end -end diff --git a/gems/fizzy-saas/config/routes.rb b/gems/fizzy-saas/config/routes.rb index 91d6df361..6fff83e03 100644 --- a/gems/fizzy-saas/config/routes.rb +++ b/gems/fizzy-saas/config/routes.rb @@ -1,10 +1,4 @@ Fizzy::Saas::Engine.routes.draw do - resource :session do - scope module: "sessions" do - resource :launchpad, only: %i[ show update ], controller: "launchpad" - end - end - namespace :signup do get "/" => "accounts#new" resources :accounts, only: %i[ new create ] diff --git a/gems/fizzy-saas/lib/fizzy/saas/engine.rb b/gems/fizzy-saas/lib/fizzy/saas/engine.rb index 2729e1db3..4e5e93489 100644 --- a/gems/fizzy-saas/lib/fizzy/saas/engine.rb +++ b/gems/fizzy-saas/lib/fizzy/saas/engine.rb @@ -5,10 +5,7 @@ module Fizzy class Engine < ::Rails::Engine # extend application models config.to_prepare do - User.prepend User::SignalUser Account.prepend Account::SignalAccount - LoginHelper.prepend LoginHelper::SignalLogin - SessionsController.include Sessions::SignalSessions end # moved from config/initializers/queenbee.rb @@ -39,7 +36,6 @@ module Fizzy silence_warnings do SignalId::Account::Peer = Account - SignalId::User::Peer = User end end diff --git a/gems/fizzy-saas/test/controllers/controller_authentication_test.rb b/gems/fizzy-saas/test/controllers/controller_authentication_test.rb deleted file mode 100644 index bf1fc21aa..000000000 --- a/gems/fizzy-saas/test/controllers/controller_authentication_test.rb +++ /dev/null @@ -1,17 +0,0 @@ -require "test_helper" - -class ControllerAuthenticationTest < ActionDispatch::IntegrationTest - test "access without an account slug redirects to launchpad" do - integration_session.default_url_options[:script_name] = "" # no tenant - - get cards_path - - assert_redirected_to Launchpad.login_url(product: true) - end - - test "access with an account slug but no session redirects to launchpad" do - get cards_path - - assert_redirected_to Launchpad.login_url(product: true, account: Account.sole) - end -end diff --git a/gems/fizzy-saas/test/controllers/sessions/launchpad_controller_test.rb b/gems/fizzy-saas/test/controllers/sessions/launchpad_controller_test.rb deleted file mode 100644 index 309f6ec1a..000000000 --- a/gems/fizzy-saas/test/controllers/sessions/launchpad_controller_test.rb +++ /dev/null @@ -1,38 +0,0 @@ -require "test_helper" - -class Sessions::LaunchpadControllerTest < ActionDispatch::IntegrationTest - test "show renders when not signed in" do - get saas.session_launchpad_path(params: { sig: "test-sig" }) - - assert_response :success - - assert_select "form input#sig" do |node| - assert_equal node.length, 1 - assert_equal node.first["value"], "test-sig" - end - end - - test "create establishes a session when the sig is valid" do - user = users(:david) - - put saas.session_launchpad_path(params: { sig: user.external_user.perishable_signature }) - - assert_redirected_to root_url - assert parsed_cookies.signed[:session_token] - end - - test "create checks user.active?" do - user = users(:david) - user.update! active: false - - put saas.session_launchpad_path(params: { sig: user.external_user.perishable_signature }) - - assert_response :unauthorized - end - - test "returns 401 when the sig is invalid" do - put saas.session_launchpad_path(params: { sig: "invalid" }) - - assert_response :unauthorized - end -end diff --git a/gems/fizzy-saas/test/controllers/sessions_controller_test.rb b/gems/fizzy-saas/test/controllers/sessions_controller_test.rb deleted file mode 100644 index 98df25bdf..000000000 --- a/gems/fizzy-saas/test/controllers/sessions_controller_test.rb +++ /dev/null @@ -1,24 +0,0 @@ -require "test_helper" - -class SessionsControllerTest < ActionDispatch::IntegrationTest - test "destroy" do - sign_in_as :kevin - - delete session_path - - assert_redirected_to Launchpad.logout_url - assert_not cookies[:session_token].present? - end - - test "new" do - get new_session_path - - assert_response :forbidden - end - - test "create" do - post session_path, params: { email_address: "david@37signals.com", password: "secret123456" } - - assert_response :forbidden - end -end diff --git a/gems/fizzy-saas/test/models/account/signal_account_test.rb b/gems/fizzy-saas/test/models/account/signal_account_test.rb index 623f95610..ad43e45cb 100644 --- a/gems/fizzy-saas/test/models/account/signal_account_test.rb +++ b/gems/fizzy-saas/test/models/account/signal_account_test.rb @@ -18,7 +18,7 @@ class Account::SignalAccountTest < ActiveSupport::TestCase assert_equal @account, @account.external_account.peer end - test ".create_with_admin_user creates a new local account and user peers" do + test ".create_with_admin_user creates a new local account" do ApplicationRecord.create_tenant("account-create-with-dependents") do signal_account = signal_accounts(:honcho_fizzy) account = Account.create_with_admin_user(tenant_id: signal_account.queenbee_id) @@ -32,11 +32,9 @@ class Account::SignalAccountTest < ActiveSupport::TestCase assert_equal 1, User.count User.first.tap do |user| - assert signal_account.owner.name, user.name - assert signal_account.owner.email_address, user.email_address - assert signal_account.owner.id, user.external_user_id + assert_equal signal_account.owner.name, user.name + assert_equal signal_account.owner.email_address, user.email_address assert_equal "admin", user.role - assert_equal user, signal_account.owner.peer end end end diff --git a/gems/fizzy-saas/test/models/signup_test.rb b/gems/fizzy-saas/test/models/signup_test.rb index 96e432840..e64dbf801 100644 --- a/gems/fizzy-saas/test/models/signup_test.rb +++ b/gems/fizzy-saas/test/models/signup_test.rb @@ -42,7 +42,6 @@ class SignupTest < ActiveSupport::TestCase assert @signup.user assert @signup.user.persisted? - assert_equal @signup.user.external_user, @signup.signal_account.owner assert_equal @signup.queenbee_account.id.to_s, @signup.tenant_name assert_includes ApplicationRecord.tenants, @signup.tenant_name @@ -86,7 +85,6 @@ class SignupTest < ActiveSupport::TestCase assert @signup.user assert @signup.user.persisted? - assert_equal @signup.user.external_user, @signup.signal_account.owner assert_equal @signup.queenbee_account.id.to_s, @signup.tenant_name assert_includes ApplicationRecord.tenants, @signup.tenant_name diff --git a/gems/fizzy-saas/test/models/user/signal_user_test.rb b/gems/fizzy-saas/test/models/user/signal_user_test.rb deleted file mode 100644 index b244a587e..000000000 --- a/gems/fizzy-saas/test/models/user/signal_user_test.rb +++ /dev/null @@ -1,22 +0,0 @@ -require "test_helper" - -class User::SignalUserTest < ActiveSupport::TestCase - setup do - @user = users(:david) - end - - test "belongs to a Signal::User" do - assert_not_nil @user.external_user_id - assert_equal signal_users("37s_fizzy_david"), @user.external_user - end - - test "peering" do - assert_equal @user, @user.external_user.peer - end - - test "deactivate clears signal user" do - users(:jz).deactivate - - assert_nil users(:jz).reload.external_user - end -end diff --git a/gems/fizzy-saas/test/test_helper.rb b/gems/fizzy-saas/test/test_helper.rb index 22d468a6c..648afa3ee 100644 --- a/gems/fizzy-saas/test/test_helper.rb +++ b/gems/fizzy-saas/test/test_helper.rb @@ -4,10 +4,6 @@ require "queenbee/testing/mocks" module ActiveSupport class TestCase include SignalId::Testing - - def saas_extension_sign_in_as(user) - put saas.session_launchpad_path, params: { sig: user.external_user.perishable_signature } - end end end diff --git a/script/create-new-user.rb b/script/create-new-user.rb index 934719447..ab30c585e 100755 --- a/script/create-new-user.rb +++ b/script/create-new-user.rb @@ -2,41 +2,25 @@ require_relative "../config/environment" -if ARGV.length < 2 - puts "Usage: #{$0} " +if ARGV.length < 3 + puts "Usage: #{$0} " exit 1 end -email_address = ARGV[0] -tenant = ARGV[1] +tenant = ARGV.shift +email_address = ARGV.shift +name = ARGV.join(" ") -def confirm(noun) - print "Is this the correct #{noun}? (y/n) " - response = $stdin.gets.chomp.downcase - exit 0 unless response == "y" - puts -end - -signal_identity = SignalId::Identity.find_by!(email_address: email_address) -pp signal_identity -confirm "identity" - -ApplicationRecord.with_tenant(tenant) do - signal_account = Account.sole.external_account - pp signal_account - confirm "account" - - SignalId::Database.on_master do - signal_user = SignalId::User.create!(identity: signal_identity, account: signal_account) - - user = User.create!( - name: signal_user.name, - email_address: signal_user.email_address, - external_user_id: signal_user.id, - password: SecureRandom.hex(36) # TODO: remove password column? - ) +begin + ApplicationRecord.with_tenant(tenant) do + password = SecureRandom.hex(16) + user = User.create!(name:, email_address:, password:) puts "Created: " - pp [ user, signal_user ] + pp user + + puts "Password is: #{password.inspect}" end +rescue Exception => e + puts "Failed with error: #{e.inspect}" end diff --git a/script/load-prod-db-in-dev.rb b/script/load-prod-db-in-dev.rb index a619b1f8d..da0db12ba 100755 --- a/script/load-prod-db-in-dev.rb +++ b/script/load-prod-db-in-dev.rb @@ -34,7 +34,6 @@ ActiveRecord::Tenanted::DatabaseTasks.migrate_all ApplicationRecord.with_tenant(signup.tenant_name) do |tenant| Account.sole.update! external_account: signup.signal_account - User.first.update! external_user: signup.signal_account.owner puts "\n\nLogin to http://launchpad.localhost:3011/ as #{signup.email_address} / #{signup.password}" end diff --git a/script/migrations/create-accounts-in-staging.rb b/script/migrations/create-accounts-in-staging.rb deleted file mode 100755 index d0279d608..000000000 --- a/script/migrations/create-accounts-in-staging.rb +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/env ruby - -require_relative "../config/environment" - -ApplicationRecord.with_each_tenant do |tenant| - account = Account.sole - signal_account = account.signal_account - - signal_users = SignalId::User.where(account_id: signal_account.id) - - signal_users.each do |signal_user| - unless User.find_by(signal_user_id: signal_user.id) - User.create!( - name: signal_user.identity.name, - email_address: signal_user.identity.email_address, - signal_user_id: signal_user.id, - password: SecureRandom.hex(36) # TODO: remove password column? - ) - end - end -end diff --git a/script/stitch-signal-id-accounts.rb b/script/stitch-signal-id-accounts.rb deleted file mode 100755 index e08f594ae..000000000 --- a/script/stitch-signal-id-accounts.rb +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env ruby - -# -# this is intended to copy a production database into beta, change the account id, and stitch the -# user accounts together properly. -# - -require_relative "../config/environment" - -ActiveRecord::Base.logger = Logger.new(File::NULL) - -ApplicationRecord.with_each_tenant do |tenant| - puts "\n# tenant: #{tenant}" - - signal_account = SignalId::Account.find_by!(queenbee_id: tenant) - puts "Found signal account #{signal_account.inspect}" - - account = Account.sole - if account.tenant_id != tenant - puts "setting account tenant_id to #{tenant}" - account.update!(tenant_id: tenant, name: account.name + " (Beta)") - end - - User.find_each do |user| - next if user.system? || user.external_user_id.nil? - - signal_user = user.external_user - next if signal_user.nil? - next if signal_user.account == account.external_account - - signal_identity = signal_user.identity - pp signal_identity - - SignalId::Database.on_master do - signal_user = SignalId::User.find_or_create_by!(identity: signal_identity, account: signal_account) - puts "Created signal user #{signal_user.inspect} for identity #{signal_identity.inspect}" - user.external_user_id = signal_user.id - user.save! - end - end -end diff --git a/test/controllers/controller_authentication_test.rb b/test/controllers/controller_authentication_test.rb index 1dfc7a3fd..02b729089 100644 --- a/test/controllers/controller_authentication_test.rb +++ b/test/controllers/controller_authentication_test.rb @@ -1,20 +1,18 @@ require "test_helper" class ControllerAuthenticationTest < ActionDispatch::IntegrationTest - if Rails.application.config.x.local_authentication - test "access without an account slug redirects to new session" do - integration_session.default_url_options[:script_name] = "" # no tenant + test "access without an account slug redirects to new session" do + integration_session.default_url_options[:script_name] = "" # no tenant - get cards_path + get cards_path - assert_redirected_to new_session_path - end + assert_redirected_to new_session_path + end - test "access with an account slug but no session redirects to new session" do - get cards_path + test "access with an account slug but no session redirects to new session" do + get cards_path - assert_redirected_to new_session_path - end + assert_redirected_to new_session_path end test "access with an account slug and a session allows functional access" do diff --git a/test/controllers/sessions_controller_test.rb b/test/controllers/sessions_controller_test.rb index 9a8cf0caf..0c85ad83c 100644 --- a/test/controllers/sessions_controller_test.rb +++ b/test/controllers/sessions_controller_test.rb @@ -1,34 +1,32 @@ require "test_helper" class SessionsControllerTest < ActionDispatch::IntegrationTest - if Rails.application.config.x.local_authentication - test "destroy" do - sign_in_as :kevin + test "destroy" do + sign_in_as :kevin - delete session_path + delete session_path - assert_redirected_to new_session_path - assert_not cookies[:session_token].present? - end + assert_redirected_to new_session_path + assert_not cookies[:session_token].present? + end - test "new" do - get new_session_path + test "new" do + get new_session_path - assert_response :success - end + assert_response :success + end - test "create with valid credentials" do - post session_path, params: { email_address: "david@37signals.com", password: "secret123456" } + test "create with valid credentials" do + post session_path, params: { email_address: "david@37signals.com", password: "secret123456" } - assert_redirected_to root_path - assert cookies[:session_token].present? - end + assert_redirected_to root_path + assert cookies[:session_token].present? + end - test "create with invalid credentials" do - post session_path, params: { email_address: "david@37signals.com", password: "wrong" } + test "create with invalid credentials" do + post session_path, params: { email_address: "david@37signals.com", password: "wrong" } - assert_redirected_to new_session_path - assert_not cookies[:session_token].present? - end + assert_redirected_to new_session_path + assert_not cookies[:session_token].present? end end diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index 73c15ea65..d12c1a4b3 100644 --- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml @@ -5,27 +5,18 @@ david: email_address: david@37signals.com password_digest: <%= digest %> role: member -<% if User.reflect_on_association :external_user %> - external_user: 37s_fizzy_david -<% end %> jz: name: JZ email_address: jz@37signals.com password_digest: <%= digest %> role: member -<% if User.reflect_on_association :external_user %> - external_user: 37s_fizzy_jzimdars -<% end %> kevin: name: Kevin email_address: kevin@37signals.com password_digest: <%= digest %> role: admin -<% if User.reflect_on_association :external_user %> - external_user: 37s_fizzy_kevin -<% end %> system: name: System diff --git a/test/test_helpers/session_test_helper.rb b/test/test_helpers/session_test_helper.rb index b04b06962..e857da327 100644 --- a/test/test_helpers/session_test_helper.rb +++ b/test/test_helpers/session_test_helper.rb @@ -7,11 +7,7 @@ module SessionTestHelper cookies.delete :session_token user = users(user) unless user.is_a? User - if Rails.application.config.x.local_authentication - post session_path, params: { email_address: user.email_address, password: "secret123456" } - else - saas_extension_sign_in_as(user) - end + post session_path, params: { email_address: user.email_address, password: "secret123456" } cookie = cookies.get_cookie "session_token" assert_not_nil cookie, "Expected session_token cookie to be set after sign in"