code clean up and added test cases

portagenetwork · Aug 19, 2024 · ae66ef0 · ae66ef0
1 parent 0c21df3
commit ae66ef0
Show file tree

Hide file tree

Showing 7 changed files with 108 additions and 56 deletions.
diff --git a/app/controllers/identifiers_controller.rb b/app/controllers/identifiers_controller.rb
@@ -8,7 +8,6 @@ class IdentifiersController < ApplicationController
   # DELETE /users/identifiers
   # rubocop:disable Metrics/AbcSize
   def destroy
-    # byebug
     authorize Identifier
     user = User.find(current_user.id)
     identifier = Identifier.find(params[:id])

diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -12,24 +12,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
       end
     end
 
-
-  #   def openid_connect
-  #     @user = User.from_omniauth(request.env["omniauth.auth"])
-
-  #     if @user.present?
-  #         sign_in_and_redirect @user, event: :authentication
-  #         set_flash_message(:notice, :success, kind: "OpenID Connect") if is_navigational_format?
-  #     else
-  #         session["devise.openid_connect_data"] = request.env["omniauth.auth"]
-  #         redirect_to new_user_registration_url
-  #     end
-  # end
-
-
-
-
     #This is for the OpenidConnect CILogon
-
     def openid_connect
       # First or create
       auth = request.env['omniauth.auth']
@@ -40,7 +23,7 @@ def openid_connect
         #If email is missing we need to request the user to register with DMP. 
         #User email can be missing if the user email id is set to private or trusted clients only we won't get the value. 
         #USer email id is one of the mandatory field which is must required.
-        flash[:notice] = 'Please try sign-up with DMP assistant.'
+        flash[:notice] = 'Something went wrong, Please try signing-up here.'
         redirect_to new_user_registration_path
       elsif current_user.nil?
         # We need to register
@@ -51,7 +34,6 @@ def openid_connect
                             value: auth.uid,
                             attrs: auth,
                             identifiable: user)
-
         end
         sign_in_and_redirect user, event: :authentication
       elsif user.nil?
@@ -61,12 +43,18 @@ def openid_connect
                           attrs: auth,
                           identifiable: current_user)
 
-        flash[:notice] = 'linked succesfully'
-        redirect_to root_path
+        flash[:notice] = 'Linked succesfully'
+        redirect_to root_path    
       end
     end
 
+    def orcid
+      handle_omniauth(IdentifierScheme.for_authentication.find_by(name: 'orcid'))
+    end
 
+    def shibboleth
+      handle_omniauth(IdentifierScheme.for_authentication.find_by(name: 'shibboleth'))
+    end
 
     # Processes callbacks from an omniauth provider and directs the user to
     # the appropriate page:

diff --git a/app/models/user.rb b/app/models/user.rb
@@ -177,39 +177,29 @@ class User < ApplicationRecord
   ##
   # Load the user based on the scheme and id provided by the Omniauth call
   def self.from_omniauth(auth)
-    # byebug
     Identifier.by_scheme_name(auth.provider.downcase.to_s, 'User')
                 .where(value: auth.uid)
                 .first&.identifiable
-              # end
-
-
-  #             Rails.logger.info "OmniAuth Auth Hash: #{auth.inspect}"
-              # where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
-              #   user.provider = auth.provider
-              #   user.uid = auth.uid
-              #   user.email = auth.info.email
-              #   user.password = Devise.friendly_token[0,20]
-              # end
-  #             # # .where(value: auth.info.eppn) #need to add a cilogon condition for this
-  #             # .first&.identifiable
-  #             # .where(value: auth.uid).first_or_create do |user|
-  #             #   user.email = auth.info.email
-  #             #   user.password = Devise.friendly_token[0, 20]
-  #             #   user.name = auth.info.name   # if the User model has a name
-  #             # end
   end
 
 
-  # def self.from_omniauth(auth)
-  #   Rails.logger.info "OmniAuth Auth Hash: #{auth.inspect}"
-	#   where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
-	# 	  user.provider = auth.provider
-	# 	  user.uid = auth.uid
-	# 	  user.email = auth.info.email if !auth.info.email_verified.nil?
-	# 	  user.password = Devise.friendly_token[0,20]
-	#   end
-  # end
+    # Handle user creation from provider
+    def self.create_from_provider_data(provider_data)
+      user = User.find_by email: provider_data.info.email
+
+      return user if user
+
+      user = User.new(
+        firstname: provider_data.info.first_name,
+        surname: provider_data.info.last_name,
+        email: provider_data.info.email,
+        # We don't know which organization to setup so we will use other
+        org: Org.find_by(is_other: true),
+        accept_terms: true,
+        password: Devise.friendly_token[0, 20]
+      )
+      user.save
+    end
 
   def self.to_csv(users)
     User::AtCsv.new(users).to_csv

diff --git a/app/views/shared/_sign_in_form.html.erb b/app/views/shared/_sign_in_form.html.erb
@@ -40,15 +40,10 @@
       <p class="text-center fontsize-h4">- <%= _('or') %> -</p>
       <div class="form-group">
         <span class="center-block btn-group-justified">
-        <% #target = user_openid_connect_omniauth_authorize_path %>
-        <%#= link_to _('Sign in with your institutional credentials'), target, method: :post, class: 'btn btn-default' %>
-        <%= link_to "Sign in with CILogon", user_openid_connect_omniauth_authorize_path, method: :post, data: { turbo: false }, class: 'btn btn-default'  %>
-          <%#= button_to 'Login with CILogon', user_openid_connect_omniauth_authorize_path, method: :post, class: 'btn btn-default' %>
+        <%= link_to _('Sign in with ORCID iD'), user_openid_connect_omniauth_authorize_path, method: :post, data: { turbo: false }, class: 'btn btn-default'  %>
         </span>
       </div>
     <% else %>
-      <%#= debug session %>
-      <%#= f.hidden_field :openid_connect_id, :value => session['devise.openid_connect_data']['uid'] %>
     <% end %>
 <% end %>
 

diff --git a/config/database.yml b/config/database.yml
@@ -15,6 +15,9 @@ development:
 # Do not set this db to the same as development or production.
 test:
   <<: *defaults
+  username: <%= ENV['DATABASE_USER'] %>
+  password: <%= ENV['DATABASE_PASSWORD'] %>
+  host: <%= ENV['DATABASE_URL'] || '127.0.0.1' %>
   url: <%= Rails.application.secrets.database_test_url %>
 
 uat:

diff --git a/config/initializers/cookie_size.rb b/config/initializers/cookie_size.rb
@@ -3,6 +3,6 @@
 module ActionDispatch
     class Cookies
       # Increase the MAX_COOKIE_SIZE to 8KB (8192 bytes)
-      MAX_COOKIE_SIZE = 4600
+      # MAX_COOKIE_SIZE = 4600
     end
   end
diff --git a/spec/controllers/omniauth_callbacks_controller_spec.rb b/spec/controllers/omniauth_callbacks_controller_spec.rb
@@ -0,0 +1,77 @@
+require 'rails_helper'
+
+RSpec.describe UsersController, type: :controller do
+  describe '#openid_connect' do
+    let(:auth) do
+      OmniAuth::AuthHash.new(
+        provider: 'provider_name',
+        uid: '123545',
+        info: {
+          email: '[email protected]'
+        }
+      )
+    end
+
+    before do
+      request.env['omniauth.auth'] = auth
+    end
+
+    context 'when the email is missing and user does not exist' do
+      before do
+        allow(User).to receive(:from_omniauth).and_return(nil)
+        allow(auth.info).to receive(:email).and_return(nil)
+        get :openid_connect
+      end
+
+      it 'redirects to the registration page with a flash message' do
+        expect(flash[:notice]).to eq('Something went wrong, Please try signing-up here.')
+        expect(response).to redirect_to(new_user_registration_path)
+      end
+    end
+
+    context 'when current_user is nil and user is nil' do
+      before do
+        allow(User).to receive(:from_omniauth).and_return(nil)
+        allow(User).to receive(:create_from_provider_data).and_return(create(:user))
+        allow(IdentifierScheme).to receive(:find_by_name).and_return(create(:identifier_scheme))
+        get :openid_connect
+      end
+
+      it 'creates a new user and identifier, and redirects after signing in' do
+        expect(User).to have_received(:create_from_provider_data).with(auth)
+        expect(response).to redirect_to(root_path) # Assuming redirect after sign_in_and_redirect
+      end
+    end
+
+    context 'when current_user is nil but user exists' do
+      let(:user) { create(:user) }
+
+      before do
+        allow(User).to receive(:from_omniauth).and_return(user)
+        get :openid_connect
+      end
+
+      it 'signs in the user and redirects' do
+        expect(controller.current_user).to eq(user)
+        expect(response).to redirect_to(root_path) # Assuming redirect after sign_in_and_redirect
+      end
+    end
+
+    context 'when user is nil but current_user exists' do
+      let(:current_user) { create(:user) }
+
+      before do
+        allow(controller).to receive(:current_user).and_return(current_user)
+        allow(User).to receive(:from_omniauth).and_return(nil)
+        allow(IdentifierScheme).to receive(:find_by_name).and_return(create(:identifier_scheme))
+        get :openid_connect
+      end
+
+      it 'creates a new identifier and redirects to root with a flash notice' do
+        expect(Identifier).to have_received(:create)
+        expect(flash[:notice]).to eq('Linked successfully')
+        expect(response).to redirect_to(root_path)
+      end
+    end
+  end
+end