Add global setting for default services, enable for preconfirmed accounts

Co-authored-by: Greg Karékinian <greg@karekinian.com>
2024-03-28 17:19:29 +04:00 · 2024-03-28 17:19:29 +04:00 · 80e69df75c
commit 80e69df75c
parent 02af69b055
6 changed files with 83 additions and 15 deletions
--- a/app/jobs/create_ldap_user_job.rb
+++ b/app/jobs/create_ldap_user_job.rb
@ -1,7 +1,7 @@
 class CreateLdapUserJob < ApplicationJob
  queue_as :default
-  def perform(username, domain, email, hashed_pw)
+  def perform(username:, domain:, email:, hashed_pw:, confirmed: false)
    dn = "cn=#{username},ou=#{domain},cn=users,dc=kosmos,dc=org"
    attr = {
      objectclass: ["top", "account", "person", "extensibleObject"],
@ -12,6 +12,10 @@ class CreateLdapUserJob < ApplicationJob
      userPassword: hashed_pw
    }
    if confirmed
      attr[:serviceEnabled] = Setting.default_services
    end
    ldap_client.add(dn: dn, attributes: attr)
  end
--- a/app/models/setting.rb
+++ b/app/models/setting.rb
@ -206,4 +206,9 @@ class Setting < RailsSettings::Base
  #
  # field :email_imap_port, type: :string,
  #   default: ENV["EMAIL_IMAP_PORT"].presence || 993
  def self.default_services
    # TODO Make configurable from respective service settings page
    %w[ discourse gitea mediawiki xmpp ]
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -93,9 +93,7 @@ class User < ApplicationRecord
      LdapManager::UpdateEmail.call(dn: self.dn, address: self.email)
    else
      # E-Mail from signup confirmed (i.e. account activation)
-
+      enable_default_services
      # TODO Make configurable, only activate globally enabled services
      enable_service %w[ discourse gitea mediawiki xmpp ]
      # TODO enable in development when we have easy setup of ejabberd etc.
      return if Rails.env.development? || !Setting.ejabberd_enabled?
@ -141,6 +139,10 @@ class User < ApplicationRecord
    self.errors[attribute_name].blank?
  end
  def enable_default_services
    enable_service Setting.default_services
  end
  def ln_create_invoice(payload)
    lndhub = Lndhub.new
    lndhub.authenticate self
--- a/app/services/create_account.rb
+++ b/app/services/create_account.rb
@ -35,11 +35,15 @@ class CreateAccount < ApplicationService
    @invitation.update! invited_user_id: user_id, used_at: DateTime.now
  end
  # TODO move to confirmation
  # (and/or add email_confirmed to entry and use in login filter)
  def add_ldap_document
    hashed_pw = Devise.ldap_auth_password_builder.call(@password)
-    CreateLdapUserJob.perform_later(@username, @domain, @email, hashed_pw)
+    CreateLdapUserJob.perform_later(
      username: @username,
      domain: @domain,
      email: @email,
      hashed_pw: hashed_pw,
      confirmed: @confirmed
    )
  end
  def create_lndhub_account(user)
--- a/spec/jobs/create_ldap_user_job_spec.rb
+++ b/spec/jobs/create_ldap_user_job_spec.rb
@ -3,12 +3,24 @@ require 'rails_helper'
 RSpec.describe CreateLdapUserJob, type: :job do
  let(:ldap_client_mock) { instance_double(Net::LDAP) }
-  subject(:job) {
+  before do
    allow_any_instance_of(described_class).to receive(:ldap_client).and_return(ldap_client_mock)
  end
  subject(:job) {
    described_class.perform_later(
-      'halfinney', 'kosmos.org', 'halfinney@example.com',
+      username: 'halfinney', domain: 'kosmos.org',
-      'remember-remember-the-5th-of-november'
+      email: 'halfinney@example.com',
      hashed_pw: 'remember-remember-the-5th-of-november'
    )
  }
  subject(:job_for_preconfirmed_account) {
    described_class.perform_later(
      username: 'halfinney', domain: 'kosmos.org',
      email: 'halfinney@example.com',
      hashed_pw: 'remember-remember-the-5th-of-november',
      confirmed: true
    )
  }
@ -30,6 +42,26 @@ RSpec.describe CreateLdapUserJob, type: :job do
    )
  end
  it "adds default services for pre-confirmed accounts" do
    allow(ldap_client_mock).to receive(:add) # spy on mock
    allow(Setting).to receive(:default_services).and_return(["xmpp", "discourse"])
    perform_enqueued_jobs { job_for_preconfirmed_account }
    expect(ldap_client_mock).to have_received(:add).with(
      dn: "cn=halfinney,ou=kosmos.org,cn=users,dc=kosmos,dc=org",
      attributes: {
        objectclass: ["top", "account", "person", "extensibleObject"],
        cn: "halfinney",
        sn: "halfinney",
        uid: "halfinney",
        mail: "halfinney@example.com",
        serviceEnabled: ["xmpp", "discourse"],
        userPassword: "remember-remember-the-5th-of-november"
      }
    )
  end
  after do
    clear_enqueued_jobs
    clear_performed_jobs
--- a/spec/services/create_account_spec.rb
+++ b/spec/services/create_account_spec.rb
@ -53,11 +53,32 @@ RSpec.describe CreateAccount, type: :model do
      expect(enqueued_jobs.size).to eq(1)
-      args = enqueued_jobs.first['arguments']
+      args = enqueued_jobs.first['arguments'][0]
-      expect(args[0]).to eq('halfinney')
+      expect(args["username"]).to eq('halfinney')
-      expect(args[1]).to eq('kosmos.org')
+      expect(args["domain"]).to eq('kosmos.org')
-      expect(args[2]).to eq('halfinney@example.com')
+      expect(args["email"]).to eq('halfinney@example.com')
-      expect(args[3]).to match(/^{SSHA512}.{171}=/)
+      expect(args["hashed_pw"]).to match(/^{SSHA512}.{171}=/)
    end
    after do
      clear_enqueued_jobs
    end
  end
  describe "#add_ldap_document for pre-confirmed account" do
    include ActiveJob::TestHelper
    let(:service) { CreateAccount.new(account: {
      username: 'halfinney',
      email: 'halfinney@example.com',
      password: 'remember-remember-the-5th-of-november',
      confirmed: true
    })}
    it "enqueues a job to create the LDAP user document" do
      service.send(:add_ldap_document)
      args = enqueued_jobs.first['arguments'][0]
      expect(args["confirmed"]).to be(true)
    end
    after do