Merge branch 'master' into feature/rs-oauth

2023-04-13 15:02:51 +02:00
parent ee42d68471 7a50bd23d6
commit eeabbdb7df
62 changed files with 806 additions and 205 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -3,6 +3,18 @@ class ApplicationController < ActionController::Base
    render :text => exception, :status => 500
  end

+  before_action :sentry_set_user
+
+  def sentry_set_user
+    return unless Setting.sentry_enabled
+
+    if user_signed_in?
+      Sentry.set_user(id: current_user.id, username: current_user.cn)
+    else
+      Sentry.set_user({})
+    end
+  end
+
  def require_user_signed_in
    unless user_signed_in?
      redirect_to welcome_path and return
--- a/app/controllers/settings/account_controller.rb
+++ b/app/controllers/settings/account_controller.rb
@@ -1,13 +0,0 @@
-class Settings::AccountController < SettingsController
-
-  def index
-  end
-
-  def reset_password
-    current_user.send_reset_password_instructions
-    sign_out current_user
-    msg = "We have sent you an email with a link to reset your password."
-    redirect_to check_your_email_path, notice: msg
-  end
-
-end
--- a/app/controllers/settings/profile_controller.rb
+++ b/app/controllers/settings/profile_controller.rb
@@ -1,11 +0,0 @@
-class Settings::ProfileController < SettingsController
-
-  def index
-    @user = current_user
-  end
-
-  def update
-
-  end
-
-end
--- a/app/controllers/settings_controller.rb
+++ b/app/controllers/settings_controller.rb
@@ -1,13 +1,52 @@
 class SettingsController < ApplicationController
-  before_action :require_user_signed_in
-  before_action :set_current_section
+  before_action :authenticate_user!
+  before_action :set_main_nav_section
+  before_action :set_settings_section, only: ['show', 'update']

  def index
+    redirect_to setting_path(:profile)
+  end
+
+  def show
+    @user = current_user
+  end
+
+  def update
+    @user = current_user
+    @user.preferences.merge! user_params[:preferences]
+    @user.save!
+
+    redirect_to setting_path(@settings_section), flash: {
+      success: 'Settings saved.'
+    }
+  end
+
+  def reset_password
+    current_user.send_reset_password_instructions
+    sign_out current_user
+    msg = "We have sent you an email with a link to reset your password."
+    redirect_to check_your_email_path, notice: msg
  end

  private

-  def set_current_section
+  def set_main_nav_section
    @current_section = :settings
  end
+
+  def set_settings_section
+    @settings_section = params[:section]
+    allowed_sections = [:profile, :account, :lightning, :xmpp]
+
+    unless allowed_sections.include?(@settings_section.to_sym)
+      redirect_to setting_path(:profile)
+    end
+  end
+
+  def user_params
+    params.require(:user).permit(preferences: [
+      :lightning_notify_sats_received,
+      :xmpp_exchange_contacts_with_invitees
+    ])
+  end
 end
--- a/app/controllers/webfinger_controller.rb
+++ b/app/controllers/webfinger_controller.rb
@@ -0,0 +1,57 @@
+class WebfingerController < ApplicationController
+  before_action :allow_cross_origin_requests, only: [:show]
+
+  layout false
+
+  def show
+    resource = params[:resource]
+
+    if resource && resource.match(/acct:\w+/)
+      useraddress = resource.split(":").last
+      username, org = useraddress.split("@")
+      username.downcase!
+      unless User.where(cn: username, ou: org).any?
+        head 404 and return
+      end
+
+      render json: webfinger(useraddress).to_json,
+             content_type: "application/jrd+json"
+    else
+      head 422 and return
+    end
+  end
+
+  private
+
+  def webfinger(useraddress)
+    links = [];
+
+    links << remotestorage_link(useraddress) if Setting.remotestorage_enabled
+
+    { "links" => links }
+  end
+
+  def remotestorage_link(useraddress)
+    # TODO use when OAuth routes are available
+    # auth_url = new_rs_oauth_url(useraddress)
+    auth_url = "https://example.com/rs/oauth"
+    storage_url = "#{Setting.rs_storage_url}/#{useraddress}"
+
+    {
+      "rel" => "http://tools.ietf.org/id/draft-dejong-remotestorage",
+      "href" => storage_url,
+      "properties" => {
+        "http://remotestorage.io/spec/version" => "draft-dejong-remotestorage-13",
+        "http://tools.ietf.org/html/rfc6749#section-4.2" => auth_url,
+        "http://tools.ietf.org/html/rfc6750#section-2.3" => nil, # access token via a HTTP query parameter
+        "http://tools.ietf.org/html/rfc7233": "GET", # content range requests
+        "http://remotestorage.io/spec/web-authoring": nil
+      }
+    }
+  end
+
+  def allow_cross_origin_requests
+    headers['Access-Control-Allow-Origin'] = '*'
+    headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, OPTIONS'
+  end
+end
--- a/app/controllers/webhooks_controller.rb
+++ b/app/controllers/webhooks_controller.rb
@@ -12,22 +12,28 @@ class WebhooksController < ApplicationController
    end

    user = User.find_by!(ln_account: payload[:user_login])
-
-    # TODO make configurable
-    notify_xmpp(user.address, payload[:amount], payload[:memo])
+    notify = user.preferences[:lightning_notify_sats_received]
+    case notify
+    when "xmpp"
+      notify_xmpp(user.address, payload[:amount], payload[:memo])
+    when "email"
+      NotificationMailer.with(user: user, amount_sats: payload[:amount])
+                        .lightning_sats_received.deliver_later
+    end

    head :ok
  end

  private

+  # TODO refactor into mailer-like generic class/service
  def notify_xmpp(address, amt_sats, memo)
    payload = {
      type: "normal",
      from: "kosmos.org", # TODO domain config
      to: address,
      subject: "Sats received!",
-      body: "#{amt_sats} sats received in your Lightning wallet:\n> #{memo}"
+      body: "#{helpers.number_with_delimiter amt_sats} sats received in your Lightning wallet:\n> #{memo}"
    }
    XmppSendMessageJob.perform_later(payload)
  end