Allow to launch RS apps from dashboard

2023-11-19 19:10:13 +01:00 · 2023-11-19 19:10:13 +01:00 · aa399b862a
commit aa399b862a
parent 713e91a720
7 changed files with 54 additions and 53 deletions
--- a/app/components/rs_auth_component.html.erb
+++ b/app/components/rs_auth_component.html.erb
@ -10,13 +10,10 @@
      <%= @auth.client_id %>
    </p>
  </div>
-  <!-- <div> -->
-  <!--   <p class="text&#45;sm text&#45;gray&#45;500"> -->
-  <!--     Approved <%= time_ago_in_words @auth.created_at %> ago -->
-  <!--   </p> -->
-  <!-- </div> -->
  <%= render DropdownComponent.new do %>
-    <%= render DropdownLinkComponent.new(href: "#") do %>
+    <%= render DropdownLinkComponent.new(
+          href: launch_app_services_storage_rs_auth_url(@auth)
+        ) do %>
      Launch app
    <% end %>
    <%= render DropdownLinkComponent.new(
--- a/app/controllers/rs/oauth_controller.rb
+++ b/app/controllers/rs/oauth_controller.rb
@ -95,13 +95,6 @@ class Rs::OauthController < ApplicationController
                allow_other_host: true
  end

-  # GET /rs/oauth/token/:id/launch_app
-  def launch_app
-    auth = current_user.remote_storage_authorizations.find(params[:id])
-
-    redirect_to app_auth_url(auth), allow_other_host: true
-  end
-
  private

  def require_signed_in_with_username
@ -111,12 +104,6 @@ class Rs::OauthController < ApplicationController
    end
  end

-  def app_auth_url(auth)
-    url = "#{auth.url}#remotestorage=#{current_user.address}"
-    url += "&access_token=#{auth.token}"
-    url
-  end
-
  def hostname_of(uri)
    uri.gsub(/http(s)?:\/\//, "").split(":")[0].split("/")[0]
  end
--- a/app/controllers/services/rs_auths_controller.rb
+++ b/app/controllers/services/rs_auths_controller.rb
@ -5,8 +5,8 @@ class Services::RsAuthsController < Services::BaseController
  # before_action :require_service_enabled

  def destroy
-    if @rs_auth = current_user.remote_storage_authorizations.find(params[:id])
-      @rs_auth.destroy!
+    if auth = current_user.remote_storage_authorizations.find(params[:id])
+      auth.destroy!
    else
      http_status :not_found
    end
@ -20,6 +20,13 @@ class Services::RsAuthsController < Services::BaseController
    end
  end

+  def launch_app
+    auth = current_user.remote_storage_authorizations.find(params[:id])
+    launch_url = "#{auth.url}#remotestorage=#{current_user.address}&access_token=#{auth.token}"
+
+    redirect_to launch_url, allow_other_host: true
+  end
+
  private

    def require_feature_enabled
--- a/app/models/remote_storage_authorization.rb
+++ b/app/models/remote_storage_authorization.rb
@ -23,7 +23,7 @@ class RemoteStorageAuthorization < ApplicationRecord
  after_destroy  :remove_token_expiry_job

  def url
-    # TODO use web app scope in addition to host
+    # TODO use web app scope in addition to host/client_id
    uri = URI.parse self.redirect_uri
    "#{uri.scheme}://#{client_id}"
  end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -33,7 +33,8 @@ Rails.application.routes.draw do
    resource :storage, controller: 'remotestorage', only: [:show] do
      resources :rs_auths, only: [:destroy] do
        member do
-          get 'revoke', to: 'rs_auths#destroy'
+          get :revoke, to: 'rs_auths#destroy'
+          get :launch_app
        end
      end
    end
@ -86,7 +87,6 @@ Rails.application.routes.draw do
    resource :oauth, only: [:new, :create], path_names: {
      new: ':username', create: ':username'
    }, controller: 'oauth'
-    get 'oauth/token/:id/launch_app' => 'oauth#launch_app', as: :launch_app
  end

  get '.well-known/webfinger', to: 'webfinger#show'
--- a/spec/controllers/rs/oauth_controller_spec.rb
+++ b/spec/controllers/rs/oauth_controller_spec.rb
@ -437,33 +437,4 @@ RSpec.describe Rs::OauthController, type: :controller do
      end
    end
  end
-
-  describe "GET /rs/oauth/token/:id/launch_app" do
-    context "when user is signed in" do
-      before do
-        sign_in user
-      end
-
-      context "token exists" do
-        before do
-          @auth = user.remote_storage_authorizations.create!(
-            permissions: %w(documents), client_id: "app.example.com",
-            redirect_uri: "https://app.example.com",
-            expire_at: 2.days.from_now
-          )
-
-          get :launch_app, params: { id: @auth.id }
-        end
-
-        after do
-          @auth.destroy
-        end
-
-        it "redirects to the given URL with the correct RS URL fragment params" do
-          launch_url = "https://app.example.com#remotestorage=#{user.address}&access_token=#{@auth.token}"
-          expect(response).to redirect_to(launch_url)
-        end
-      end
-    end
-  end
 end
--- a/spec/controllers/services/rs_auths_controller_spec.rb
+++ b/spec/controllers/services/rs_auths_controller_spec.rb
@ -0,0 +1,39 @@
+require 'rails_helper'
+
+RSpec.describe Services::RsAuthsController, type: :controller do
+  let(:user) { create :user }
+
+  before do
+    allow_any_instance_of(AppCatalog::WebApp).to receive(:update_metadata).and_return(true)
+    allow_any_instance_of(Flipper).to receive(:enabled?).and_return(true)
+  end
+
+  describe "GET /services/storage/rs_auths/:id/launch_app" do
+    context "when user is signed in" do
+      before do
+        sign_in user
+      end
+
+      context "token exists" do
+        before do
+          @auth = user.remote_storage_authorizations.create!(
+            permissions: %w(documents), client_id: "app.example.com",
+            redirect_uri: "https://app.example.com",
+            expire_at: 2.days.from_now
+          )
+
+          get :launch_app, params: { id: @auth.id }
+        end
+
+        after do
+          @auth.destroy
+        end
+
+        it "redirects to the given URL with the correct RS URL fragment params" do
+          launch_url = "https://app.example.com#remotestorage=#{user.address}&access_token=#{@auth.token}"
+          expect(response).to redirect_to(launch_url)
+        end
+      end
+    end
+  end
+end