Improve README, add quick start instructions

Remove pid dir from git
Comment encryption option in admin ldap users controller
2022-12-07 18:15:04 +01:00 · 2022-12-07 18:14:49 +01:00 · 2022-12-07 18:13:58 +01:00 · 2022-12-07 18:12:54 +01:00 · 2022-12-07 18:11:57 +01:00 · 2022-12-07 18:11:23 +01:00
11 changed files with 79 additions and 44 deletions
--- a/2
+++ b/2
@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:1
-FROM ruby:2.7
+FROM ruby:2.7.6
 RUN apt-get update -qq && apt-get install -y curl ldap-utils
 RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
 RUN apt-get update && apt-get install -y nodejs
--- a/1
+++ b/1
@@ -59,6 +59,7 @@ group :development do
  gem 'listen', '~> 3.2'
  gem 'letter_opener'
  gem 'letter_opener_web'
+  gem 'faker'
 end

 group :test do
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -117,6 +117,8 @@ GEM
    factory_bot_rails (6.2.0)
      factory_bot (~> 6.2.0)
      railties (>= 5.0.0)
+    faker (3.0.0)
+      i18n (>= 1.8.11, < 2)
    faraday (2.7.1)
      faraday-net_http (>= 2.0, < 3.1)
      ruby2_keywords (>= 0.0.4)
@@ -313,6 +315,7 @@ DEPENDENCIES
  devise_ldap_authenticatable
  dotenv-rails
  factory_bot_rails
+  faker
  faraday
  importmap-rails
  jbuilder (~> 2.7)
--- a/README.md
+++ b/README.md
@@ -7,6 +7,27 @@ credentials, invites, donations, etc..

 ## Development

+### Quick Start
+
+The easiest way to get a working development setup is using Docker Compose like
+so:
+
+1. Make sure [Docker Compose is installed][1] and Docker is running (included in
+   Docker Desktop)
+2. Uncomment the `web` section in `docker-compose.yml`
+3. Run `docker compose up` and wait until 389ds announces its successful start
+   in the log output
+4. `docker-compose exec ldap dsconf localhost backend create --suffix="dc=kosmos,dc=org" --be-name="dev"`
+5. `docker compose run web rails ldap:setup`
+5. `docker compose run web rails db:setup`
+
+After these steps, you should have a working Rails app with a handful of test
+users running on [http://localhost:3000](http://localhost:3000).
+
+Log in with username "admin" and password "admin is admin". All users listed on
+[http://localhost:3000/admin/ldap_users](http://localhost:3000/admin/ldap_users)
+have the password "user is user".
+
 ### Rails app

 Installing dependencies:
@@ -37,15 +58,10 @@ There is a working Docker Compose config file, which allows you to spin up both
 an app server for Rails as well as a local 389ds (LDAP) server.

 By default, `docker-compose up` will only start the LDAP server, listening on
-port 389 on your machine. Uncomment other services in `docker-compose.yml`.
+port 389 on your machine. Uncomment other services in `docker-compose.yml` if
+you want to use them.

-Note that all 389ds data is stored in `tmp/389ds`. So if you want to start over
-with a fresh installation, delete both that directory as well as the container.
-
-### LDAP server
-
-See the previous section for quickly spinning up an LDAP server with Docker (or
-edit your environment configuration to use an existing one).
+#### LDAP server

 After creating the Docker container for the first time (or after deleting it),
 you need to run the following command once, in order to create the dirsrv
@@ -55,10 +71,13 @@ back-end:

 Now you can seed the back-end with data using this Rails task:

-    bundle exec rails ldap:seed
+    bundle exec rails ldap:setup

-The seeds task will first delete any existing entries in the directory tree
-("dc=kosmos,dc=org"), and then create our example/development entries.
+The setup task will first delete any existing entries in the directory tree
+("dc=kosmos,dc=org"), and then create our development entries.
+
+Note that all 389ds data is stored in `tmp/389ds`. So if you want to start over
+with a fresh installation, delete both that directory as well as the container.

 ## Documentation

@@ -87,3 +106,5 @@ The seeds task will first delete any existing entries in the directory tree
 ## License

 [GNU Affero General Public License v3.0](https://choosealicense.com/licenses/agpl-3.0/)
+
+[1]: https://docs.docker.com/compose/install/
--- a/app/controllers/admin/ldap_users_controller.rb
+++ b/app/controllers/admin/ldap_users_controller.rb
@@ -27,7 +27,7 @@ class Admin::LdapUsersController < Admin::BaseController
  def ldap_client
    ldap_client ||= Net::LDAP.new host: ldap_config['host'],
      port: ldap_config['port'],
-      encryption: ldap_config['ssl'],
+      # encryption: ldap_config['ssl'],
      auth: {
        method: :simple,
        username: ldap_config['admin_user'],
--- a/app/services/create_account.rb
+++ b/app/services/create_account.rb
@@ -5,6 +5,7 @@ class CreateAccount < ApplicationService
    @email      = args[:email]
    @password   = args[:password]
    @invitation = args[:invitation]
+    @confirmed  = args[:confirmed]
  end

  def call
@@ -26,7 +27,8 @@ class CreateAccount < ApplicationService
      ou: @domain,
      email: @email,
      password: @password,
-      password_confirmation: @password
+      password_confirmation: @password,
+      confirmed_at: @confirmed ? DateTime.now : nil
    )
  end

@@ -35,6 +37,7 @@ class CreateAccount < ApplicationService
  end

  # TODO move to confirmation
+  # (and/or add email_confirmed to entry and use in login filter)
  def add_ldap_document
    hashed_pw = Devise.ldap_auth_password_builder.call(@password)
    CreateLdapUserJob.perform_later(@username, @domain, @email, hashed_pw)
@@ -47,20 +50,8 @@ class CreateAccount < ApplicationService
  end

  def create_lndhub_wallet(user)
+    #TODO enable in development when we have a local lndhub (mock?) API
+    return if Rails.env.development?
    CreateLndhubWalletJob.perform_later(user)
  end
-
-  def exchange_xmpp_contacts_between_inviter_and_invitee
-    ejabberd = EjabberdApiClient.new
-
-    EjabberdApiClient.add_roster_item({
-      "localuser": @username,
-      "localhost": @domain,
-      "user": @inviter.cn,
-      "host": @inviter.ou,
-      "nick": @username,
-      "group": "Friends",
-      "subs": "both"
-    })
-  end
 end
--- a/app/services/ldap_service.rb
+++ b/app/services/ldap_service.rb
@@ -10,6 +10,10 @@ class LdapService < ApplicationService
    res
  end

+  def add_attribute(dn, attr, value)
+    ldap_client.add_attribute dn, attr, value
+  end
+
  def delete_entry(dn, interactive=false)
    puts "Deleting entry: #{dn}" if interactive
    res = ldap_client.delete dn: dn
--- a/db/seeds.rb
+++ b/db/seeds.rb
@@ -1,7 +1,22 @@
-# This file should contain all the record creation needed to seed the database with its default values.
-# The data can then be loaded with the rails db:seed command (or created alongside the database with db:setup).
-#
-# Examples:
-#
-#   movies = Movie.create([{ name: 'Star Wars' }, { name: 'Lord of the Rings' }])
-#   Character.create(name: 'Luke', movie: movies.first)
+require 'sidekiq/testing'
+
+ldap = LdapService.new
+
+Sidekiq::Testing.inline! do
+  CreateAccount.call(
+    username: "admin", domain: "kosmos.org", email: "admin@example.com",
+    password: "admin is admin", confirmed: true
+  )
+
+  ldap.add_attribute "cn=admin,ou=kosmos.org,cn=users,dc=kosmos,dc=org", :admin, "true"
+
+  5.times do |n|
+    username = Faker::Name.unique.first_name.downcase
+    email = Faker::Internet.unique.email
+
+    CreateAccount.call(
+      username: username, domain: "kosmos.org", email: email,
+      password: "user is user", confirmed: true
+    )
+  end
+end
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -8,14 +8,14 @@ services:
    environment:
      DS_DM_PASSWORD: passthebutter
      SUFFIX_NAME: "dc=kosmos,dc=org"
-  phpldapadmin:
-    image: osixia/phpldapadmin:0.9.0
-    ports:
-      - "8389:80"
-    environment:
-      PHPLDAPADMIN_HTTPS: false
-      PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'ldap': [{'server': [{'tls': False}, {'port': 3389}]}, {'login': [{'bind_id': 'cn=Directory Manager'}, {'bind_pass': 'passthebutter'}]}]}]"
-      PHPLDAPADMIN_LDAP_CLIENT_TLS: false
+  # phpldapadmin:
+  #   image: osixia/phpldapadmin:0.9.0
+  #   ports:
+  #     - "8389:80"
+  #   environment:
+  #     PHPLDAPADMIN_HTTPS: false
+  #     PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'ldap': [{'server': [{'tls': False}, {'port': 3389}]}, {'login': [{'bind_id': 'cn=Directory Manager'}, {'bind_pass': 'passthebutter'}]}]}]"
+  #     PHPLDAPADMIN_LDAP_CLIENT_TLS: false
  # web:
  #   build: .
  #   tty: true
--- a/lib/tasks/ldap.rake
+++ b/lib/tasks/ldap.rake
@@ -1,6 +1,6 @@
 namespace :ldap do
  desc "Reset the LDAP directory and set up base entries and default org"
-  task seed: :environment do |t, args|
+  task setup: :environment do |t, args|
    ldap = LdapService.new

    ldap.delete_entry "cn=admin_role,ou=kosmos.org,cn=users,dc=kosmos,dc=org", true
--- a/tmp/pids/.keep
+++ b/tmp/pids/.keep
Author	SHA1	Message	Date
Râu Cao	80ef75ff42	Improve README, add quick start instructions All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/pr Build is passing Details	2022-12-07 18:15:04 +01:00
Râu Cao	67e2e45dd8	Remove pid dir from git	2022-12-07 18:14:49 +01:00
Râu Cao	3834e5230b	Comment encryption option in admin ldap users controller Refactor to use the service later	2022-12-07 18:13:58 +01:00
Râu Cao	4cb7c0998f	Add db/user seeds	2022-12-07 18:12:54 +01:00
Râu Cao	20382f7df7	Rename ldap seed task to setup	2022-12-07 18:11:57 +01:00
Râu Cao	add94eee8d	Don't start phpldapadmin by default	2022-12-07 18:11:23 +01:00
Râu Cao	067dc3b63d	Remove obsolete method	2022-12-07 18:11:03 +01:00
Râu Cao	1a470cf1c8	Add flag for creating pre-confirmed users	2022-12-07 18:09:44 +01:00
Râu Cao	f85b7f4f62	Define patch version for Ruby base image No need to re-download new images for every patch version	2022-12-07 18:07:53 +01:00