Notify user about new RS authorizations

app/mailers/notification_mailer.rb

@@ -5,4 +5,11 @@ class NotificationMailer < ApplicationMailer
     @subject = "Sats received"
     mail to: @user.email, subject: @subject
   end
+
+  def remotestorage_auth_created
+    @user = params[:user]
+    @auth = params[:auth]
+    @subject = "New app connected to your storage"
+    mail to: @user.email, subject: @subject
+  end
 end

app/models/remote_storage_authorization.rb

@@ -18,7 +18,7 @@ class RemoteStorageAuthorization < ApplicationRecord
   before_create  :store_token_in_redis
   before_create  :find_or_create_web_app
   after_create   :schedule_token_expiry
-  # after_create   :notify_user
+  after_create   :notify_user
   before_destroy :delete_token_from_redis
   after_destroy  :remove_token_expiry_job
 
@@ -93,4 +93,22 @@ class RemoteStorageAuthorization < ApplicationRecord
     rescue URI::InvalidURIError
       false
     end
+
+    def notify_user
+      notify = user.preferences[:remotestorage_notify_auth_created]
+
+      case notify
+      when "xmpp"
+        router = Router.new
+        payload = {
+          type: "normal", to: user.address,
+          from: Setting.xmpp_notifications_from_address,
+          body: "You have just granted '#{self.client_id}' access to your Kosmos Storage. Visit your Storage dashboard to check on your connected apps and revoke permissions anytime: #{router.services_storage_url}"
+        }
+        XmppSendMessageJob.perform_later(payload)
+      when "email"
+        NotificationMailer.with(user: user, auth: self)
+                          .remotestorage_auth_created.deliver_later
+      end
+    end
 end

app/services/router.rb

@@ -0,0 +1,7 @@
+class Router
+  include Rails.application.routes.url_helpers
+
+  def self.default_url_options
+    ActionMailer::Base.default_url_options
+  end
+end

app/views/notification_mailer/remotestorage_auth_created.text.erb

@@ -0,0 +1,23 @@
+Hi <%= @user.display_name.presence || @user.cn %>,
+
+You have just granted '<%= @auth.client_id %>' access to your Kosmos Storage, with the following permissions:
+
+<% @permissions.each do |p| %>
+* <%= p %>
+<% end %>
+
+Visit your Storage dashboard to check on your connected apps and revoke permissions anytime:
+
+<%= services_storage_url %>
+
+Have fun!
+
+---
+
+You can disable email notifications for new app authorizations in your account settings:
+<%= setting_path(:remotestorage) %>
+
+<% if Setting.discourse_enabled %>
+If you have any questions, please visit our community forums:
+<%= Setting.discourse_public_url %>
+<% end %>

spec/models/remote_storage_authorization_spec.rb

@@ -245,44 +245,69 @@ RSpec.describe RemoteStorageAuthorization, type: :model do
     end
   end
 
-  # describe "auth notifications" do
+  describe "notifications" do
-  #   context "with auth notifications enabled" do
+    include ActiveJob::TestHelper
-  #     before do
+
-  #       ResqueSpec.reset!
+    after(:each) { clear_enqueued_jobs }
-  #       user.push(mailing_lists: "rs-auth-notifications-#{Rails.env}")
+    after(:all)  { redis_rs_delete_keys("authorizations:*") }
-  #       auth = user.remote_storage_authorizations.create!(
+
-  #                 :permissions => %w(documents photos contacts:rw videos:r tasks/work:r),
+    before { allow(user).to receive(:display_name).and_return("Jimmy") }
-  #                 :client_id => "example.com",
+
-  #                 :redirect_uri => "https://example.com"
+    context "with notifications disabled" do
-  #               )
+      before do
-  #     end
+        user.preferences.merge!({ remotestorage_notify_auth_created: "off" })
-  #
+        user.save!
-  #     it "notifies the user via email" do
+        user.remote_storage_authorizations.create!(
-  #       expect(enqueued_jobs.size).to eq(1)
+          :permissions => %w(photos), :client_id => "app.example.com",
-  #       job = enqueued_jobs.first
+          :redirect_uri => "https://app.example.com"
-  #       expect(job).to eq(
+        )
-  #         job: ActionMailer::DeliveryJob,
+      end
-  #         args: ['StorageAuthorizationMailer', 'authorized_rs_app', 'deliver_now',
+
-  #                auth.id.to_s],
+      it "does not notify the user via email about new RS app" do
-  #         queue: 'mailers'
+        expect(enqueued_jobs.size).to eq(0)
-  #       )
+      end
-  #     end
+    end
-  #   end
+
-  #
+    context "with email notifications enabled" do
-  #   context "with auth notifications disabled" do
+      before do
-  #     before do
+        user.preferences.merge!({ remotestorage_notify_auth_created: "email" })
-  #       ResqueSpec.reset!
+        user.save!
-  #       user.pull(mailing_lists: "rs-auth-notifications-#{Rails.env}")
+        user.remote_storage_authorizations.create!(
-  #       auth = user.remote_storage_authorizations.create!(
+          :permissions => %w(photos), :client_id => "app.example.com",
-  #                 :permissions => %w(documents photos contacts:rw videos:r tasks/work:r),
+          :redirect_uri => "https://app.example.com"
-  #                 :client_id => "example.com",
+        )
-  #                 :redirect_uri => "https://example.com"
+      end
-  #               )
+
-  #     end
+      it "notifies the user via email" do
-  #
+        expect(enqueued_jobs.size).to eq(1)
-  #     it "does not notify the user via email about new RS app" do
+        job = enqueued_jobs.select{|j| j['job_class'] == "ActionMailer::MailDeliveryJob"}.first
-  #       expect(enqueued_jobs.size).to eq(0)
+        expect(job['arguments'][0]).to eq('NotificationMailer')
-  #     end
+        expect(job['arguments'][1]).to eq('remotestorage_auth_created')
-  #   end
+        expect(job['arguments'][3]['params']['user']['_aj_globalid']).to eq('gid://akkounts/User/1')
-  # end
+        expect(job['arguments'][3]['params']['auth']['_aj_globalid']).to eq('gid://akkounts/RemoteStorageAuthorization/1')
+      end
+    end
+
+    context "with XMPP notifications enabled" do
+      before do
+        Setting.xmpp_notifications_from_address = "botka@kosmos.org"
+        user.preferences.merge!({ remotestorage_notify_auth_created: "xmpp" })
+        user.save!
+        user.remote_storage_authorizations.create!(
+          :permissions => %w(photos), :client_id => "app.example.com",
+          :redirect_uri => "https://app.example.com"
+        )
+      end
+
+      it "sends an XMPP message to the account owner's JID" do
+        expect(enqueued_jobs.size).to eq(1)
+        expect(enqueued_jobs.first["job_class"]).to eq("XmppSendMessageJob")
+        msg = enqueued_jobs.first["arguments"].first
+        expect(msg["type"]).to eq("normal")
+        expect(msg["from"]).to eq("botka@kosmos.org")
+        expect(msg["to"]).to eq(user.address)
+        expect(msg["body"]).to match(/granted 'app\.example\.com' access to your Kosmos Storage/)
+      end
+    end
+  end
 end