Merge pull request 'Set up async workers/jobs via Sidekiq' (#26) from feature/sidekiq into master

Reviewed-on: #26

.env.example

@@ -1,8 +1 @@
-LDAP_HOST=192.168.33.10
-LDAP_PORT=389
-#
-# Production LDAP server:
-#
-# LDAP_HOST=ldap.kosmos.org
-# LDAP_PORT=636
-# LDAP_USE_TLS=true
+EJABBERD_API_URL='https://xmpp.kosmos.org/api'

.env.production

@@ -0,0 +1 @@
+EJABBERD_API_URL='https://xmpp.kosmos.org:5443/api'

.env.test

@@ -0,0 +1 @@
+EJABBERD_API_URL='http://xmpp.example.com/api'

.gitignore

@@ -39,3 +39,6 @@ yarn-debug.log*
 
 # Ignore local dotenv config file
 .env
+
+# Ignore redis dumps from sidekiq
+dump.rdb

Gemfile

@@ -21,13 +21,22 @@ gem 'jbuilder', '~> 2.7'
 # Reduces boot times through caching; required in config/boot.rb
 gem 'bootsnap', '>= 1.4.2', require: false
 
-gem 'dotenv-rails', groups: [:development, :test]
+# Configuration
+gem 'dotenv-rails'
 
+# Authentication
 gem 'warden'
 gem 'devise'
 gem 'devise_ldap_authenticatable'
 gem 'net-ldap'
 
+# HTTP requests
+gem 'faraday'
+
+# Background/scheduled jobs
+gem 'sidekiq'
+gem 'sidekiq-scheduler'
+
 group :development, :test do
   # Use sqlite3 as the database for Active Record
   gem 'sqlite3', '~> 1.4'
@@ -51,6 +60,7 @@ group :test do
   gem 'factory_bot_rails'
   gem 'capybara'
   gem 'database_cleaner'
+  gem 'webmock'
 end
 
 group :production do

Gemfile.lock

@@ -73,6 +73,9 @@ GEM
       regexp_parser (~> 1.5)
       xpath (~> 3.2)
     concurrent-ruby (1.1.7)
+    connection_pool (2.2.3)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
     crass (1.0.6)
     database_cleaner (1.8.5)
     devise (4.7.3)
@@ -89,15 +92,24 @@ GEM
     dotenv-rails (2.7.2)
       dotenv (= 2.7.2)
       railties (>= 3.2, < 6.1)
+    e2mmap (0.1.0)
     erubi (1.9.0)
+    et-orbi (1.2.4)
+      tzinfo
     factory_bot (6.1.0)
       activesupport (>= 5.0.0)
     factory_bot_rails (6.1.0)
       factory_bot (~> 6.1.0)
       railties (>= 5.0.0)
+    faraday (0.17.0)
+      multipart-post (>= 1.2, < 3)
     ffi (1.13.1)
+    fugit (1.4.2)
+      et-orbi (~> 1.1, >= 1.1.8)
+      raabro (~> 1.4)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
+    hashdiff (0.4.0)
     i18n (1.8.5)
       concurrent-ruby (~> 1.0)
     jbuilder (2.10.1)
@@ -126,6 +138,7 @@ GEM
     mini_portile2 (2.4.0)
     minitest (5.14.2)
     msgpack (1.3.3)
+    multipart-post (2.1.1)
     net-ldap (0.16.3)
     nio4r (2.5.4)
     nokogiri (1.10.10)
@@ -135,6 +148,7 @@ GEM
     public_suffix (4.0.6)
     puma (4.3.6)
       nio4r (~> 2.0)
+    raabro (1.4.0)
     rack (2.2.3)
     rack-proxy (0.6.5)
       rack
@@ -170,6 +184,7 @@ GEM
     rb-fsevent (0.10.4)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
+    redis (4.2.5)
     regexp_parser (1.8.2)
     responders (3.0.1)
       actionpack (>= 5.0)
@@ -191,6 +206,9 @@ GEM
       rspec-mocks (~> 3.9)
       rspec-support (~> 3.9)
     rspec-support (3.10.0)
+    rufus-scheduler (3.7.0)
+      fugit (~> 1.1, >= 1.1.6)
+    safe_yaml (1.0.5)
     sass-rails (6.0.0)
       sassc-rails (~> 2.1, >= 2.1.1)
     sassc (2.4.0)
@@ -201,6 +219,17 @@ GEM
       sprockets (> 3.0)
       sprockets-rails
       tilt
+    sidekiq (6.1.3)
+      connection_pool (>= 2.2.2)
+      rack (~> 2.0)
+      redis (>= 4.2.0)
+    sidekiq-scheduler (3.0.1)
+      e2mmap
+      redis (>= 3, < 5)
+      rufus-scheduler (~> 3.2)
+      sidekiq (>= 3)
+      thwait
+      tilt (>= 1.4.0)
     spring (2.1.1)
     spring-watcher-listen (2.0.1)
       listen (>= 2.7, < 4.0)
@@ -215,6 +244,8 @@ GEM
     sqlite3 (1.4.2)
     thor (1.0.1)
     thread_safe (0.3.6)
+    thwait (0.2.0)
+      e2mmap
     tilt (2.0.10)
     turbolinks (5.2.1)
       turbolinks-source (~> 5.2)
@@ -228,6 +259,10 @@ GEM
       activemodel (>= 6.0.0)
       bindex (>= 0.4.0)
       railties (>= 6.0.0)
+    webmock (3.6.0)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
     webpacker (4.3.0)
       activesupport (>= 4.2)
       rack-proxy (>= 0.6.1)
@@ -241,6 +276,7 @@ GEM
 
 PLATFORMS
   ruby
+  x86_64-linux
 
 DEPENDENCIES
   bootsnap (>= 1.4.2)
@@ -251,6 +287,7 @@ DEPENDENCIES
   devise_ldap_authenticatable
   dotenv-rails
   factory_bot_rails
+  faraday
   jbuilder (~> 2.7)
   letter_opener
   letter_opener_web
@@ -261,6 +298,8 @@ DEPENDENCIES
   rails (~> 6.0.3, >= 6.0.3.4)
   rspec-rails
   sass-rails (>= 6)
+  sidekiq
+  sidekiq-scheduler
   spring
   spring-watcher-listen (~> 2.0.0)
   sqlite3 (~> 1.4)
@@ -268,7 +307,8 @@ DEPENDENCIES
   tzinfo-data
   warden
   web-console (>= 3.3.0)
+  webmock
   webpacker (~> 4.0)
 
 BUNDLED WITH
-   2.0.2
+   2.2.2

README.md

@@ -11,7 +11,7 @@ credentials, invites, donations, etc..
 * [x] Log in with admin permissions
 * [x] View LDAP users as admin
 * [x] Sign up for a new account via invitation
-* [ ] List my donations
+* [x] List my donations
 * [ ] Invite new users from your account
 * [ ] Sign up for a new account by donating upfront
 * [ ] Sign up for a new account via proving contributions (via cryptographic signature)
@@ -38,6 +38,10 @@ Running the dev server:
 
     bundle exec rails server
 
+Running the background workers (requires Redis):
+
+    bundle exec sidekiq -C config/sidekiq.yml
+
 Running all specs:
 
     bundle exec rspec
@@ -62,6 +66,11 @@ manual LDIF imports etc. (or provide a staging instance)
 * [devise_ldap_authenticatable](https://github.com/cschiewek/devise_ldap_authenticatable)
 * [net/ldap](https://www.rubydoc.info/gems/net-ldap/Net/LDAP)
 
+### Asynchronous jobs/workers
+
+* [Sidekiq](https://github.com/mperham/sidekiq/wiki/)
+* [ActiveJob](https://github.com/mperham/sidekiq/wiki/Active-Job)
+
 ## License
 
 [GNU Affero General Public License v3.0](https://choosealicense.com/licenses/agpl-3.0/)

app/assets/stylesheets/_variables.scss

@@ -0,0 +1,13 @@
+$content-width: 800px;
+$content-max-width: 100%;
+
+$text-color-body: #222;
+$text-color-discreet: #888;
+
+$background-color-notice: #efffc4;
+$background-color-alert: #fff4c2;
+
+$color-blue: #0d4f99;
+$color-purple: #8955a0;
+$color-red-bright: #c00;
+$color-red-dark: #990c0e;

app/assets/stylesheets/admin.scss

@@ -0,0 +1,25 @@
+@import "variables";
+
+body#admin-panel {
+  #wrapper {
+    > header {
+      background: $color-red-bright;
+      background: linear-gradient(35deg, rgba(255,0,255,0.2) 0, rgba(153,12,14,0.9) 100%),
+                  url('/img/bg-1.jpg');
+    }
+  }
+
+  #main-nav {
+    ul {
+      grid-template-columns: repeat(4, 1fr);
+
+      li {
+        a {
+          &.active {
+            border-bottom: 2px solid $color-red-bright;
+          }
+        }
+      }
+    }
+  }
+}

app/assets/stylesheets/donations.scss

@@ -0,0 +1,40 @@
+ul.donations {
+  list-style: none;
+
+  li {
+    margin-bottom: 2rem;
+    display: grid;
+    grid-row-gap: 0.5rem;
+    grid-column-gap: 2rem;
+    grid-template-columns: 1fr 1fr;
+    grid-template-areas:
+      "date amount-btc"
+      "public-name amounts-fiat";
+
+    h3 {
+      grid-area: "date";
+      margin-bottom: 0;
+    }
+
+    p {
+      margin-bottom: 0;
+
+      &.amount-btc {
+        grid-area: amount-btc;
+        text-align: right;
+        font-family: monospace;
+        font-size: 1.25rem;
+      }
+      &.amounts-fiat {
+        grid-area: amounts-fiat;
+        text-align: right;
+        font-family: monospace;
+        font-size: 0.85rem;
+        color: #888;
+      }
+      &.public-name {
+        grid-area: public-name;
+      }
+    }
+  }
+}

app/assets/stylesheets/fonts.scss

@@ -1,3 +1,5 @@
+@import "variables";
+
 @font-face {
   font-family: 'Raleway';
   src: url('/fonts/raleway-light.woff') format('woff2');
@@ -8,6 +10,7 @@
 body {
   font-family: "Open Sans", Helvetica, Arial, sans-serif;
   font-weight: 400;
+  color: $text-color-body;
 }
 
 h1, h2, h3 {

app/assets/stylesheets/forms.scss

@@ -22,10 +22,6 @@ form {
     color: #bc0101;
   }
 
-  .actions {
-    margin-top: 2rem;
-  }
-
   .accept-terms {
     margin-top: 2rem;
     font-size: 0.85rem;

app/assets/stylesheets/layout.scss

@@ -1,11 +1,6 @@
+@import "variables";
 @import "mediaqueries";
 
-$content-width: 800px;
-$content-max-width: 100%;
-
-body {
-}
-
 #wrapper {
   width: 100%;
   text-align: center;
@@ -14,8 +9,9 @@ body {
     margin: 0 auto;
     padding: 4rem 0;
     text-align: center;
-    background: #0d4f99;
-    background: linear-gradient(35deg, #8955a0 0, #0d4f99 100%);
+    background: linear-gradient(35deg, rgba(255,0,255,0.2) 0, rgba(13,79,153,0.8) 100%),
+                url('/img/bg-1.jpg');
+    background-size: cover;
 
     @include media-max(small) {
       padding: 3rem 0;
@@ -27,20 +23,15 @@ body {
 
       span.project-name {
         display: none;
-        // font-size: .5em;
-        // text-transform: none;
-        // vertical-align: super;
       }
 
-      span.beta {
-        font-size: .5em;
-        font-style: italic;
-        text-transform: none;
-        vertical-align: super;
-      }
+      span.icon {
+        svg {
+          height: 1.8rem;
+          width: auto;
+        }
 
-      span.bolt {
-        color: #ffd000;
+        margin-right: 0.5rem;
       }
     }
 
@@ -77,18 +68,18 @@ body {
   padding: 2rem 0;
 
   &.notice {
-    background: #efffc4;
+    background: $background-color-notice;
   }
 
   &.alert {
-    background: #fff4c2;
+    background: $background-color-alert;
   }
 }
 
 main {
   width: $content-width;
   max-width: $content-max-width;
-  margin: 4rem auto;
+  margin: 4rem auto 6rem auto;
   text-align: left;
 
   @include media-max(medium) {
@@ -128,20 +119,35 @@ main {
     }
   }
 
-  th, td {
-    line-height: 1.5rem;
-    padding-right: 1rem;
+  section {
+    margin-bottom: 3rem;
   }
 
-  section {
-    border-bottom: 1px dotted #ccc;
-    padding-bottom: 4rem;
-    margin-bottom: 4rem;
+  table {
+    width: 100%;
 
-    @include media-max(small) {
-      padding-bottom: 3rem;
-      margin-bottom: 3rem;
+    th, td {
+      line-height: 1.5rem;
+      padding-right: 1rem;
+
+      &.hide-small {
+        @include media-max(small) {
+          display: none;
+        }
+      }
     }
+
+    th {
+      color: $text-color-discreet;
+      font-weight: normal;
+      text-transform: uppercase;
+      font-size: 0.85rem;
+      padding-bottom: 0.5rem;
+    }
+  }
+
+  .actions {
+    margin-top: 2rem;
   }
 }
 
@@ -165,9 +171,13 @@ main {
 
     .grid-item {
       p {
-        color: #888;
+        color: $text-color-discreet;
         font-size: 0.85rem;
       }
     }
   }
 }
+
+.text-centered {
+  text-align: center;
+}

app/assets/stylesheets/main_nav.scss

@@ -0,0 +1,55 @@
+@import "variables";
+@import "mediaqueries";
+
+#main-nav {
+  width: 100%;
+  text-align: center;
+  background-color: #efefef;
+
+  .wrapper {
+    width: $content-width;
+    max-width: $content-max-width;
+    margin: 0 auto;
+  }
+
+  ul {
+    @include media-max(large) {
+      display: grid;
+      grid-template-columns: repeat(1fr);
+      grid-template-columns: 1fr 1fr 1fr 1fr;
+    }
+
+    li {
+      @include media-min(large) {
+        display: inline;
+      }
+
+      @include media-max(large) {
+        display: block;
+      }
+
+      a {
+        display: inline-block;
+        padding: 1.5rem 2rem;
+        text-decoration: none;
+        color: $text-color-discreet;
+
+        @include media-max(large) {
+          display: block;
+          text-align: center;
+          padding-left: 0;
+          padding-right: 0;
+        }
+
+        @include media-max(small) {
+          font-size: 0.85rem;
+        }
+
+        &.active {
+          color: $text-color-body;
+          border-bottom: 2px solid #4ea2df;
+        }
+      }
+    }
+  }
+}

app/controllers/admin/base_controller.rb

@@ -3,4 +3,6 @@ class Admin::BaseController < ApplicationController
   before_action :authenticate_user!
   before_action :authorize_admin
 
+  layout "admin"
+
 end

app/controllers/admin/dashboard_controller.rb

@@ -1,4 +1,5 @@
 class Admin::DashboardController < Admin::BaseController
   def index
+    @current_section = :dashboard
   end
 end

app/controllers/admin/donations_controller.rb

@@ -0,0 +1,79 @@
+class Admin::DonationsController < Admin::BaseController
+  before_action :set_donation, only: [:show, :edit, :update, :destroy]
+  before_action :set_current_section, only: [:index, :show, :new, :edit]
+
+  # GET /donations
+  # GET /donations.json
+  def index
+    @donations = Donation.all
+  end
+
+  # GET /donations/1
+  # GET /donations/1.json
+  def show
+  end
+
+  # GET /donations/new
+  def new
+    @donation = Donation.new
+  end
+
+  # GET /donations/1/edit
+  def edit
+  end
+
+  # POST /donations
+  # POST /donations.json
+  def create
+    @donation = Donation.new(donation_params)
+
+    respond_to do |format|
+      if @donation.save
+        format.html { redirect_to admin_donation_url(@donation), notice: 'Donation was successfully created.' }
+        format.json { render :show, status: :created, location: @donation }
+      else
+        format.html { render :new }
+        format.json { render json: @donation.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PATCH/PUT /donations/1
+  # PATCH/PUT /donations/1.json
+  def update
+    respond_to do |format|
+      if @donation.update(donation_params)
+        format.html { redirect_to admin_donation_url(@donation), notice: 'Donation was successfully updated.' }
+        format.json { render :show, status: :ok, location: @donation }
+      else
+        format.html { render :edit }
+        format.json { render json: @donation.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /donations/1
+  # DELETE /donations/1.json
+  def destroy
+    @donation.destroy
+    respond_to do |format|
+      format.html { redirect_to admin_donations_url, notice: 'Donation was successfully destroyed.' }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_donation
+      @donation = Donation.find(params[:id])
+    end
+
+    # Only allow a list of trusted parameters through.
+    def donation_params
+      params.require(:donation).permit(:user_id, :amount_sats, :amount_eur, :amount_usd, :public_name, :paid_at)
+    end
+
+    def set_current_section
+      @current_section = :donations
+    end
+end

app/controllers/admin/invitations_controller.rb

@@ -0,0 +1,8 @@
+class Admin::InvitationsController < Admin::BaseController
+  def index
+    @current_section = :invitations
+    @invitations_unused_count = Invitation.unused.count
+    @users_with_referrals_count = Invitation.used.distinct.count(:user_id)
+    @invitations_used = Invitation.used.order('used_at desc')
+  end
+end

app/controllers/admin/ldap_users_controller.rb

@@ -1,4 +1,6 @@
 class Admin::LdapUsersController < Admin::BaseController
+  before_action :set_current_section
+
   def index
     attributes = %w{dn cn uid mail admin}
     filter = Net::LDAP::Filter.eq("uid", "*")
@@ -38,4 +40,8 @@ class Admin::LdapUsersController < Admin::BaseController
   def ldap_config
     ldap_config ||= YAML.load(ERB.new(File.read("#{Rails.root}/config/ldap.yml")).result)[Rails.env]
   end
+
+  def set_current_section
+    @current_section = :ldap_users
+  end
 end

app/controllers/dashboard_controller.rb

@@ -2,5 +2,6 @@ class DashboardController < ApplicationController
   before_action :require_user_signed_in
 
   def index
+    @current_section = :dashboard
   end
 end

app/controllers/donations_controller.rb

@@ -0,0 +1,10 @@
+class DonationsController < ApplicationController
+  before_action :require_user_signed_in
+
+  # GET /donations
+  # GET /donations.json
+  def index
+    @donations = current_user.donations.completed
+    @current_section = :contributions
+  end
+end

app/controllers/invitations_controller.rb

@@ -8,6 +8,7 @@ class InvitationsController < ApplicationController
   def index
     @invitations_unused = current_user.invitations.unused
     @invitations_used   = current_user.invitations.used
+    @current_section = :invitations
   end
 
   # GET /invitations/a-random-invitation-token

app/controllers/security_controller.rb

@@ -0,0 +1,7 @@
+class SecurityController < ApplicationController
+  before_action :require_user_signed_in
+
+  def index
+    @current_section = :security
+  end
+end

app/controllers/signup_controller.rb

@@ -94,16 +94,15 @@ class SignupController < ApplicationController
   end
 
   def complete_signup
-    @user.save!
     session[:new_user] = nil
     session[:validation_error] = nil
 
     CreateAccount.call(
       username: @user.cn,
+      domain: "kosmos.org",
       email: @user.email,
-      password: @user.password
+      password: @user.password,
+      invitation: @invitation
     )
-
-    @invitation.update! invited_user_id: @user.id, used_at: DateTime.now
   end
 end

app/helpers/application_helper.rb

@@ -1,2 +1,5 @@
 module ApplicationHelper
+  def sats_to_btc(sats)
+    sats.to_f / 100000000
+  end
 end

app/helpers/donations_helper.rb

@@ -0,0 +1,2 @@
+module DonationsHelper
+end

app/jobs/create_ldap_user_job.rb

@@ -0,0 +1,32 @@
+class CreateLdapUserJob < ApplicationJob
+  queue_as :default
+
+  def perform(username, domain, email, hashed_pw)
+    dn = "cn=#{username},ou=#{domain},cn=users,dc=kosmos,dc=org"
+    attr = {
+      objectclass: ["top", "account", "person", "extensibleObject"],
+      cn: username,
+      sn: username,
+      uid: username,
+      mail: email,
+      userPassword: hashed_pw
+    }
+
+    ldap_client.add(dn: dn, attributes: attr)
+  end
+
+  def ldap_client
+    ldap_client ||= Net::LDAP.new host: ldap_config['host'],
+      port: ldap_config['port'],
+      encryption: ldap_config['ssl'],
+      auth: {
+        method: :simple,
+        username: ldap_config['admin_user'],
+        password: ldap_config['admin_password']
+      }
+  end
+
+  def ldap_config
+    ldap_config ||= YAML.load(ERB.new(File.read("#{Rails.root}/config/ldap.yml")).result)[Rails.env]
+  end
+end

app/jobs/exchange_xmpp_contacts_job.rb

@@ -0,0 +1,18 @@
+class ExchangeXmppContactsJob < ApplicationJob
+  queue_as :default
+
+  def perform(inviter, username, domain)
+    ejabberd = EjabberdApiClient.new
+
+    ejabberd.add_rosteritem({
+      "localuser": username, "localhost": domain,
+      "user": inviter.cn, "host": inviter.ou,
+      "nick": inviter.cn, "group": "Friends", "subs": "both"
+    })
+    ejabberd.add_rosteritem({
+      "localuser": inviter.cn, "localhost": inviter.ou,
+      "user": username, "host": domain,
+      "nick": username, "group": "Friends", "subs": "both"
+    })
+  end
+end

app/models/donation.rb

@@ -0,0 +1,13 @@
+class Donation < ApplicationRecord
+  # Relations
+  belongs_to :user
+
+  # Validations
+  validates_presence_of :amount_sats
+
+  # Hooks
+  # TODO before_create :store_fiat_value
+
+  #Scopes
+  scope :completed, -> { where.not(paid_at: nil) }
+end

app/models/user.rb

@@ -3,6 +3,7 @@ class User < ApplicationRecord
 
   # Relations
   has_many :invitations, dependent: :destroy
+  has_many :donations, dependent: :nullify
 
   validates_uniqueness_of :cn
   validates_length_of :cn, :minimum => 3

app/services/create_account.rb

@@ -1,42 +1,47 @@
 class CreateAccount < ApplicationService
   def initialize(args)
-    @username = args[:username]
-    @email = args[:email]
-    @password = args[:password]
+    @username   = args[:username]
+    @domain     = args[:ou] || "kosmos.org"
+    @email      = args[:email]
+    @password   = args[:password]
+    @invitation = args[:invitation]
   end
 
   def call
+    user = create_user_in_database
     add_ldap_document
+
+    if @invitation.present?
+      update_invitation(user.id)
+      exchange_xmpp_contacts
+    end
   end
 
   private
 
-  def add_ldap_document
-    dn = "cn=#{@username},ou=kosmos.org,cn=users,dc=kosmos,dc=org"
-    attr = {
-      objectclass: ["top", "account", "person", "extensibleObject"],
+  def create_user_in_database
+    User.create!(
       cn: @username,
-      sn: @username,
-      uid: @username,
-      mail: @email,
-      userPassword: Devise.ldap_auth_password_builder.call(@password)
-    }
-
-    ldap_client.add(dn: dn, attributes: attr)
+      ou: @domain,
+      email: @email,
+      password: @password,
+      password_confirmation: @password
+    )
   end
 
-  def ldap_client
-    ldap_client ||= Net::LDAP.new host: ldap_config['host'],
-      port: ldap_config['port'],
-      encryption: ldap_config['ssl'],
-      auth: {
-        method: :simple,
-        username: ldap_config['admin_user'],
-        password: ldap_config['admin_password']
-      }
+  def update_invitation(user_id)
+    @invitation.update! invited_user_id: user_id, used_at: DateTime.now
   end
 
-  def ldap_config
-    ldap_config ||= YAML.load(ERB.new(File.read("#{Rails.root}/config/ldap.yml")).result)[Rails.env]
+  # TODO move to confirmation
+  def add_ldap_document
+    hashed_pw = Devise.ldap_auth_password_builder.call(@password)
+    CreateLdapUserJob.perform_later(@username, @domain, @email, hashed_pw)
+  end
+
+  def exchange_xmpp_contacts
+    #TODO enable in development when we have easy setup of ejabberd etc.
+    return if Rails.env.development?
+    ExchangeXmppContactsJob.perform_later(@invitation.user, @username, @domain)
   end
 end

app/services/ejabberd_api_client.rb

@@ -0,0 +1,20 @@
+class EjabberdApiClient
+  def initialize
+    @base_url = ENV["EJABBERD_API_URL"]
+  end
+
+  def post(endpoint, payload)
+    res = Faraday.post("#{@base_url}/#{endpoint}", payload.to_json,
+                       "Content-Type" => "application/json")
+
+    if res.status != 200
+      Rails.logger.error "[ejabberd] API request failed:"
+      Rails.logger.error res.body
+      #TODO add some kind of exception tracking/notifications
+    end
+  end
+
+  def add_rosteritem(payload)
+    post "add_rosteritem", payload
+  end
+end

app/views/admin/dashboard/index.html.erb

@@ -1,7 +1,3 @@
-<h2>Admin Panel</h2>
-<p>
-  Ohai there, admin human.
-</p>
-<p>
-  <%= link_to 'LDAP users', admin_ldap_users_path %>
+<p class="text-centered">
+  With great power comes great responsibility.
 </p>

app/views/admin/donations/_donation.json.jbuilder

@@ -0,0 +1,2 @@
+json.extract! donation, :id, :user_id, :amount_sats, :amount_eur, :amount_usd, :public_name, :created_at, :updated_at
+json.url donation_url(donation, format: :json)

app/views/admin/donations/_form.html.erb

@@ -0,0 +1,60 @@
+<%= form_with(url: url, model: donation, local: true) do |form| %>
+  <% if donation.errors.any? %>
+    <div id="error_explanation">
+      <h3><%= pluralize(donation.errors.count, "error") %> prohibited this donation from being saved:</h3>
+      <ul>
+        <% donation.errors.full_messages.each do |message| %>
+          <li><%= message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="field">
+    <p>
+      <%= form.label :user_id %>
+      <%= form.collection_select :user_id, User.where(ou: "kosmos.org").order(:cn), :id, :cn %>
+    </p>
+  </div>
+
+  <div class="field">
+    <p>
+      <%= form.label :amount_sats, "Amount BTC (sats)" %>
+      <%= form.number_field :amount_sats %>
+    </p>
+  </div>
+
+  <div class="field">
+    <p>
+      <%= form.label :amount_eur, "Amount EUR (cents)" %>
+      <%= form.number_field :amount_eur %>
+    </p>
+  </div>
+
+  <div class="field">
+    <p>
+      <%= form.label :amount_usd, "Amount USD (cents)"%>
+      <%= form.number_field :amount_usd %>
+    </p>
+  </div>
+
+  <div class="field">
+    <p>
+      <%= form.label :public_name %>
+      <%= form.text_field :public_name %>
+    </p>
+  </div>
+
+  <div class="field">
+    <p>
+      <%= form.label :paid_at %>
+      <%= form.text_field :paid_at %>
+    </p>
+  </div>
+
+  <div class="actions">
+    <p>
+      <%= form.submit %>
+    </p>
+  </div>
+<% end %>

app/views/admin/donations/edit.html.erb

@@ -0,0 +1,8 @@
+<h2>Editing Donation</h2>
+
+<%= render 'form', donation: @donation, url: admin_donation_path(@donation) %>
+
+<p class="actions">
+  <%= link_to 'Show', admin_donation_path(@donation) %> |
+  <%= link_to 'Back', admin_donations_path %>
+<p>

app/views/admin/donations/index.html.erb

@@ -0,0 +1,41 @@
+<h2>Donations</h2>
+
+<% if @donations.any? %>
+  <table>
+    <thead>
+      <tr>
+        <th>User</th>
+        <th>Amount BTC</th>
+        <th>in EUR</th>
+        <th>in USD</th>
+        <th>Public name</th>
+        <th>Date</th>
+        <th colspan="3"></th>
+      </tr>
+    </thead>
+
+    <tbody>
+      <% @donations.each do |donation| %>
+        <tr>
+          <td><%= donation.user.cn %></td>
+          <td><%= sats_to_btc donation.amount_sats %> BTC</td>
+          <td><%= number_to_currency donation.amount_eur / 100, unit: "" %></td>
+          <td><%= number_to_currency donation.amount_usd / 100, unit: "" %></td>
+          <td><%= donation.public_name %></td>
+          <td><%= donation.paid_at ? donation.paid_at.strftime("%Y-%m-%d") : "" %></td>
+          <td><%= link_to 'Show', admin_donation_path(donation) %></td>
+          <td><%= link_to 'Edit', edit_admin_donation_path(donation) %></td>
+          <td><%= link_to 'Destroy', admin_donation_path(donation), method: :delete, data: { confirm: 'Are you sure?' } %></td>
+        </tr>
+      <% end %>
+    </tbody>
+  </table>
+<% else %>
+  <p>
+    No donations yet.
+  </p>
+<% end %>
+
+<p class="actions">
+  <%= link_to 'Record an out-of-system donation', new_admin_donation_path %>
+</p>

app/views/admin/donations/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @donations, partial: "donations/donation", as: :donation

app/views/admin/donations/new.html.erb

@@ -0,0 +1,7 @@
+<h2>New Donation</h2>
+
+<%= render 'form', donation: @donation, url: admin_donations_path %>
+
+<p class="actions">
+  <%= link_to 'Back', admin_donations_path %>
+</p>

app/views/admin/donations/show.html.erb

@@ -0,0 +1,34 @@
+<p id="notice"><%= notice %></p>
+
+<p>
+  <strong>User:</strong>
+  <%= @donation.user_id %>
+</p>
+
+<p>
+  <strong>Amount sats:</strong>
+  <%= @donation.amount_sats %>
+</p>
+
+<p>
+  <strong>Amount eur:</strong>
+  <%= @donation.amount_eur %>
+</p>
+
+<p>
+  <strong>Amount usd:</strong>
+  <%= @donation.amount_usd %>
+</p>
+
+<p>
+  <strong>Public name:</strong>
+  <%= @donation.public_name %>
+</p>
+
+<p>
+  <strong>Date:</strong>
+  <%= @donation.paid_at %>
+</p>
+
+<%= link_to 'Edit', edit_admin_donation_path(@donation) %> |
+<%= link_to 'Back', admin_donations_path %>

app/views/admin/donations/show.json.jbuilder

@@ -0,0 +1 @@
+json.partial! "donations/donation", donation: @donation

app/views/admin/invitations/index.html.erb

@@ -0,0 +1,32 @@
+<section>
+  <h2>Invitations</h2>
+  <p>
+    There are currently <strong><%= @invitations_unused_count %>
+    unused invitations</strong> available to existing users.
+    <strong><%= @users_with_referrals_count %> users</strong> have successfully
+    invited new users.
+  </p>
+</section>
+<% if @invitations_used.any? %>
+  <section>
+    <h3>Accepted (<%= @invitations_used.length %>)</h3>
+    <table>
+      <thead>
+        <tr>
+          <th>Token</th>
+          <th>Accepted</th>
+          <th>Invited user</th>
+        </tr>
+      </thead>
+      <tbody>
+        <% @invitations_used.each do |invitation| %>
+          <tr>
+            <td class="overflow-ellipsis"><%= invitation.token %></td>
+            <td><%= invitation.used_at.strftime("%Y-%m-%d") %></td>
+            <td><%= User.find(invitation.invited_user_id).address %></td>
+          </tr>
+        <% end %>
+      </tbody>
+    </table>
+  </section>
+<% end %>

app/views/dashboard/index.html.erb

@@ -6,7 +6,7 @@
   </p>
   <div class="grid services">
     <div class="grid-item chat">
-      <h3><%= link_to "Chat", "https://wiki.kosmos.org/Services:XMPP" %></h3>
+      <h3><%= link_to "Chat", "https://wiki.kosmos.org/Services:Chat" %></h3>
       <p>
         Chat rooms and instant messaging (XMPP/Jabber)
       </p>
@@ -37,12 +37,3 @@
     </div>
   </div>
 </section>
-
-<section>
-  <h3>Password change</h3>
-  <p>
-    <%= form_with(url: settings_reset_password_path, method: :post) do %>
-      <%= submit_tag("Send me a password reset link") %>
-    <% end %>
-  </p>
-</section>

app/views/donations/index.html.erb

@@ -0,0 +1,38 @@
+<section>
+  <h2>Donations</h2>
+  <p>
+    Your financial contributions to the development and
+    upkeep of Kosmos software and services.
+  </p>
+</section>
+
+<section>
+  <% if @donations.any? %>
+    <ul class="donations">
+      <% @donations.each do |donation| %>
+        <li>
+          <h3>
+            <%= donation.paid_at.strftime("%B %d, %Y") %>
+          </h3>
+          <p class="amount-btc">
+            <%= sats_to_btc donation.amount_sats %> BTC
+          </p>
+          <p class="amounts-fiat">
+            (~ <%= number_to_currency donation.amount_eur / 100, unit: "" %> EUR)
+          </p>
+          <p class="public-name">
+            <% if donation.public_name.present? %>
+              Public name: <%= donation.public_name %>
+            <% else %>
+              Anonymous
+            <% end %>
+          </p>
+        </li>
+      <% end %>
+    </ul>
+  <% else %>
+    <p>
+      No donations to show.
+    </p>
+  <% end %>
+</section>

app/views/donations/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @donations, partial: "donations/donation", as: :donation

app/views/invitations/index.html.erb

@@ -24,23 +24,25 @@
 </section>
 
 <% if @invitations_used.any? %>
-  <h3>Accepted Invitations</h3>
-  <table>
-    <thead>
-      <tr>
-        <th>URL</th>
-        <th>Used at</th>
-        <th>Invited user</th>
-      </tr>
-    </thead>
-    <tbody>
-      <% @invitations_used.each do |invitation| %>
+  <section>
+    <h3>Accepted Invitations</h3>
+    <table>
+      <thead>
         <tr>
-          <td><%= invitation_url(invitation.token) %></td>
-          <td><%= invitation.used_at %></td>
-          <td><%= User.find(invitation.invited_user_id).address %></td>
+          <th class="hide-small">ID</th>
+          <th>Accepted</th>
+          <th>Invited user</th>
         </tr>
-      <% end %>
-    </tbody>
-  </table>
+      </thead>
+      <tbody>
+        <% @invitations_used.each do |invitation| %>
+          <tr>
+            <td class="hide-small"><%= invitation.token %></td>
+            <td><%= invitation.used_at.strftime("%Y-%m-%d") %></td>
+            <td><%= User.find(invitation.invited_user_id).address %></td>
+          </tr>
+        <% end %>
+      </tbody>
+    </table>
+  </section>
 <% end %>

app/views/layouts/admin.html.erb

@@ -0,0 +1,45 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Admin Panel | Kosmos Accounts</title>
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+
+    <%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload' %>
+    <%= javascript_pack_tag 'application', 'data-turbolinks-track': 'reload' %>
+  </head>
+
+  <body id="admin-panel">
+    <div id="wrapper">
+      <header>
+        <h1>
+          <span class ="icon"><%= render partial: "shared/icons/comet" %></span>
+          <span class ="project-name">Kosmos</span>
+          <span class ="site-name">Accounts</span>
+        </h1>
+        <% if user_signed_in? %>
+          <p class="current-user">
+            Signed in as <strong><%= current_user.cn %>@kosmos.org</strong>.
+            <%= link_to "Log out", destroy_user_session_path, method: :delete %>
+          </p>
+        <% end %>
+      </header>
+
+      <% if user_signed_in? && current_user.confirmed? %>
+        <%= render partial: 'shared/admin_nav' %>
+      <% end %>
+
+      <% flash.each do |type, msg| %>
+        <div class="flash-msg <%= type %>">
+          <p><%= msg %></p>
+        </div>
+      <% end %>
+
+      <main>
+        <%= yield %>
+      </main>
+    </div>
+  </body>
+</html>

app/views/layouts/application.html.erb

@@ -15,9 +15,9 @@
     <div id="wrapper">
       <header>
         <h1>
+          <span class ="icon"><%= render partial: "shared/icons/comet" %></span>
           <span class ="project-name">Kosmos</span>
-          <span class ="site-name">Akkounts</span>
-          <span class="beta"><span class="bolt">⚡</span> beta</span>
+          <span class ="site-name">Account</span>
         </h1>
         <% if user_signed_in? %>
           <p class="current-user">
@@ -27,6 +27,10 @@
         <% end %>
       </header>
 
+      <% if user_signed_in? && current_user.confirmed? %>
+        <%= render partial: 'shared/main_nav' %>
+      <% end %>
+
       <% flash.each do |type, msg| %>
         <div class="flash-msg <%= type %>">
           <p><%= msg %></p>

app/views/layouts/signup.html.erb

@@ -15,9 +15,9 @@
     <div id="wrapper">
       <header>
         <h1>
+          <span class ="icon"><%= render partial: "shared/icons/comet" %></span>
           <span class ="project-name">Kosmos</span>
           <span class ="site-name">Sign Up</span>
-          <!-- <span class="beta"><span class="bolt">⚡</span> beta</span> -->
         </h1>
         <% if user_signed_in? %>
           <p class="current-user">

app/views/security/index.html.erb

@@ -0,0 +1,12 @@
+<section>
+  <h2>Security</h2>
+</section>
+
+<section>
+  <h3>Password change</h3>
+  <p>
+    <%= form_with(url: settings_reset_password_path, method: :post) do %>
+      <%= submit_tag("Send me a password reset link") %>
+    <% end %>
+  </p>
+</section>

app/views/shared/_admin_nav.html.erb

@@ -0,0 +1,22 @@
+<nav id="main-nav">
+  <div class="wrapper">
+    <ul class="pages">
+      <li>
+        <%= link_to "Dashboard", admin_root_path,
+             class: @current_section == :dashboard ? "active" : nil %>
+      </li>
+      <li>
+        <%= link_to "Invitations", admin_invitations_path,
+              class: @current_section == :invitations ? "active" : nil %>
+      </li>
+      <li>
+        <%= link_to "Donations", admin_donations_path,
+              class: @current_section == :donations ? "active" : nil %>
+      </li>
+      <li>
+        <%= link_to "LDAP Users", admin_ldap_users_path,
+              class: @current_section == :ldap_users ? "active" : nil %>
+      </li>
+    </ul>
+  </div>
+</nav>

app/views/shared/_main_nav.html.erb

@@ -0,0 +1,22 @@
+<nav id="main-nav">
+  <div class="wrapper">
+    <ul class="pages">
+      <li>
+        <%= link_to "Services", root_path,
+             class: @current_section == :dashboard ? "active" : nil %>
+      </li>
+      <li>
+        <%= link_to "Invitations", invitations_path,
+              class: @current_section == :invitations ? "active" : nil %>
+      </li>
+      <li>
+        <%= link_to "Donations", donations_path,
+              class: @current_section == :contributions ? "active" : nil %>
+      </li>
+      <li>
+        <%= link_to "Security", security_path,
+              class: @current_section == :security ? "active" : nil %>
+      </li>
+    </ul>
+  </div>
+</nav>

app/views/shared/icons/_comet.html.erb

@@ -0,0 +1 @@
+<svg id="icon-comet" width="65.364" height="55.773" enable-background="new 0 0 100 100" version="1.1" viewBox="0 0 65.364 55.773" xml:space="preserve" xmlns="http://www.w3.org/2000/svg"><g id="layer1" transform="translate(28.868 20.259)" fill="#fff"><path id="path2" d="m22.81-9.2546-0.0137-0.0072c-0.0445-0.0196-0.0895-0.04052-0.13335-0.06078l-23.822-10.937s2.0034 9.219 2.914 11.778c0 0-27.292-8.1582-30.623-8.9354 1.0916 4.2618 20.006 40.848 20.006 40.848 3.8225 7.7608 12.677 12.083 21.912 12.083 12.949 0 23.446-10.497 23.446-23.446 6.6e-4 -9.4655-5.609-17.62-13.685-21.323z" fill="#fff" stroke-width=".65365"/></g></svg>

config/application.rb

@@ -39,5 +39,8 @@ module Akkounts
       g.fixture_replacement :factory_bot, suffix_factory: 'factory', dir: 'spec/factories'
       g.stylesheets         false
     end
+
+    config.active_job.queue_adapter = :sidekiq
+    config.action_mailer.deliver_later_queue_name = nil # use "default" queue
   end
 end

config/credentials.yml.enc

@@ -1 +1 @@
-LWyKwPZq9Kd97rn/7+q3MEkh7kITScDMHD3JvVuaV3A4YIHJHU+460k+PaEGlsH1xkbuClGiAb57rk1XLyDnmVGtbSueYOtinkw6kar8ZfKWZob061LwGjpMVRQkS49TjCUZlqCFrXeKxlH03mXWBnqAj9RUIPrm7eibb3c7qmJFglR1380RSVsfZnp8A3QwGm4Wh9OWtpUa6P2lne0jQsOuSe8ur3DUF0LplzS4CbkMxAUDOom+pXB13AlxOH9NQE7F4dsYHugHkh1tG3r3ER3xAUD/9Kn6UZZP7BnwUs3zqhoZdULRpRgA5dK7ueTIAnO/jtJDF4562VS8ECo7AnNoVxNe8/mBMFIOUfqg+db/72N2pIk3r4lK7Uzm/4jJ5/99ItnQjHQPcApiwZXIr3OyDLUvq5+d0UVmAMXdwcAjvctVQXFx5imG149Y0ISHKWVm1ca37aAspxWPU+CIj8/HW0yEpjp3vhwDUbjCaZeAPm8UQC14MxZwSK3N+EUSQXdltiweFynabDB7zGGQsjMM8LwMtyo9bTBzJA78Cl96MDyd20i1zSF9ntLuKulwGm3oZowpbNuvo2anY6r9yBlDJBOEISbtXv2tLX4SqcM=--bRcsE4K/29XzyZat--+G3iQCLBqgSwLaQ+7+4YvA==
+LXwVUXfG3P3NMBp56xEQHKY4YABoVvECgctVLuj4XRkCUKQURUC3pt60yBbMfw8Qs7yH1oeNiUv5ouoNrxR35PiquFr05oIPoHbHewB/aRShe7y313q1iXfddfYnom9r7wEETkeuFLBULNrLjJjzlgJgB8A9lmcSKMy9lEdGKJ5LghA6pEGq4KRxlixr8vC8ExcDtdENuxSWPU97cc5YHGjTTaiB9XIM61xtGcBUcREaizSyzloeRjPee71GfWKfVx3XNTQDoKfs6cecWhrSLlOVjsWGoiGlwpff3cPo1pSuYIoNo/YRnfHEr1WTw/+R3nc0wgPMBZSmFLK/8Uunzr8T6Q3vqqWB1QnKBquOcASa8jRaPFBs5k8PUeCT6aYdVBV0GSOGlyll2dBtfwrZgt2ssk24BuqK5pru5vIdhWNR7zl3+R0o2ABLTEcBSuxe754NiPasEKRQ8/K4lojOjnOcwdhdqC7jN2RVS5G03ZgHEqk1m+Z9svtu9PaRAD8I9vrpCQfq9Bifm2qZUSBJrgexHtDnSMfg/36hCUeyd2z0naoq3IWJ/xyCf1S5uzyd5MPh7N76L9FudD5nK39Jrj+yuVayAXQ1M9K89kSCiC2/ZbBE--TCbSksW4umkXZY62--jE6cZdM44o8/AWe7alnotA==

config/environments/test.rb

@@ -49,4 +49,6 @@ Rails.application.configure do
     protocol: "https",
     from: "accounts@kosmos.org"
   }
+
+  config.active_job.queue_adapter = :test
 end

config/routes.rb

@@ -1,4 +1,7 @@
+require 'sidekiq/web'
+
 Rails.application.routes.draw do
+  resources :donations
   devise_for :users
 
   get 'welcome', to: 'welcome#index'
@@ -11,11 +14,19 @@ Rails.application.routes.draw do
   get 'settings', to: 'settings#index'
   post 'settings_reset_password', to: 'settings#reset_password'
 
+  get 'security', to: 'security#index'
+
   resources :invitations, only: ['index', 'show', 'create', 'destroy']
 
   namespace :admin do
     root to: 'dashboard#index'
+    get 'invitations', to: 'invitations#index'
     get 'ldap_users', to: 'ldap_users#index'
+    resources :donations
+  end
+
+  authenticate :user, ->(user) { user.is_admin? } do
+    mount Sidekiq::Web => '/sidekiq'
   end
 
   # Letter Opener (open "sent" emails in dev and staging)

config/sidekiq.yml

@@ -0,0 +1,3 @@
+:concurrency: 2
+:queues:
+  - default

db/migrate/20201130132533_create_invitations.rb

@@ -8,6 +8,7 @@ class CreateInvitations < ActiveRecord::Migration[6.0]
 
       t.timestamps
     end
+
     add_index :invitations, :user_id
     add_index :invitations, :invited_user_id
   end

db/migrate/20201217161544_create_donations.rb

@@ -0,0 +1,15 @@
+class CreateDonations < ActiveRecord::Migration[6.0]
+  def change
+    create_table :donations do |t|
+      t.integer :user_id
+      t.integer :amount_sats
+      t.integer :amount_eur
+      t.integer :amount_usd
+      t.string :public_name
+
+      t.timestamps
+    end
+
+    add_index :donations, :user_id
+  end
+end

db/migrate/20201219121808_add_paid_at_to_donations.rb

@@ -0,0 +1,5 @@
+class AddPaidAtToDonations < ActiveRecord::Migration[6.0]
+  def change
+    add_column :donations, :paid_at, :datetime
+  end
+end

db/schema.rb

@@ -10,7 +10,19 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2020_11_30_132533) do
+ActiveRecord::Schema.define(version: 2020_12_19_121808) do
+
+  create_table "donations", force: :cascade do |t|
+    t.integer "user_id"
+    t.integer "amount_sats"
+    t.integer "amount_eur"
+    t.integer "amount_usd"
+    t.string "public_name"
+    t.datetime "created_at", precision: 6, null: false
+    t.datetime "updated_at", precision: 6, null: false
+    t.datetime "paid_at"
+    t.index ["user_id"], name: "index_donations_on_user_id"
+  end
 
   create_table "invitations", force: :cascade do |t|
     t.string "token"

spec/factories/donations.rb

@@ -0,0 +1,9 @@
+FactoryBot.define do
+  factory :donation do
+    user_id { 1 }
+    amount_sats { 100000 }
+    amount_eur { 10 }
+    amount_usd { 13 }
+    public_name { nil }
+  end
+end

spec/features/admin/dashboard_spec.rb

@@ -10,6 +10,6 @@ RSpec.describe 'Admin dashboard', type: :feature do
 
   scenario 'View dashboard' do
     visit admin_root_path
-    expect(page).to have_content('Admin Panel')
+    expect(page).to have_content('great power')
   end
 end

spec/features/signup_spec.rb

@@ -53,8 +53,11 @@ RSpec.describe "Signup", type: :feature do
       expect(page).to have_content("Choose a password")
 
       expect(CreateAccount).to receive(:call)
-        .with(username: "tony", email: "tony@example.com", password: "a-valid-password")
-        .and_return(true)
+        .with(
+          username: "tony", domain: "kosmos.org",
+          email: "tony@example.com", password: "a-valid-password",
+          invitation: Invitation.last
+        ).and_return(true)
 
       fill_in "user_password", with: "a-valid-password"
       click_button "Create account"
@@ -62,7 +65,6 @@ RSpec.describe "Signup", type: :feature do
         expect(page).to have_content("confirm your address")
       end
       expect(page).to have_content("close this window or tab now")
-      expect(User.last.confirmed_at).to be_nil
     end
 
     scenario "Validation errors" do
@@ -89,15 +91,17 @@ RSpec.describe "Signup", type: :feature do
       expect(page).to have_content("Password is too short")
 
       expect(CreateAccount).to receive(:call)
-        .with(username: "tony", email: "tony@example.com", password: "a-valid-password")
-        .and_return(true)
+        .with(
+          username: "tony", domain: "kosmos.org",
+          email: "tony@example.com", password: "a-valid-password",
+          invitation: Invitation.last
+        ).and_return(true)
 
       fill_in "user_password", with: "a-valid-password"
       click_button "Create account"
       within ".flash-msg.notice" do
         expect(page).to have_content("confirm your address")
       end
-      expect(User.last.cn).to eq("tony")
     end
   end
 end

spec/helpers/application_helper_spec.rb

@@ -0,0 +1,9 @@
+require 'rails_helper'
+
+describe ApplicationHelper do
+  describe "sats_to_btc" do
+    it "converts satoshis to BTC" do
+      expect(helper.sats_to_btc(120000000)).to eq(1.2)
+    end
+  end
+end

spec/helpers/donations_helper_spec.rb

@@ -0,0 +1,15 @@
+require 'rails_helper'
+
+# Specs in this file have access to a helper object that includes
+# the DonationsHelper. For example:
+#
+# describe DonationsHelper do
+#   describe "string concat" do
+#     it "concats two strings with spaces" do
+#       expect(helper.concat_strings("this","that")).to eq("this that")
+#     end
+#   end
+# end
+RSpec.describe DonationsHelper, type: :helper do
+  pending "add some examples to (or delete) #{__FILE__}"
+end

spec/jobs/create_ldap_user_job_spec.rb

@@ -0,0 +1,34 @@
+require 'rails_helper'
+
+RSpec.describe CreateLdapUserJob, type: :job do
+  let(:ldap_client_mock) { instance_double(Net::LDAP) }
+
+  subject(:job) {
+    described_class.any_instance.stub(:ldap_client).and_return(ldap_client_mock)
+    described_class.perform_later(
+      'halfinney', 'kosmos.org', 'halfinney@example.com',
+      'remember-remember-the-5th-of-november'
+    )
+  }
+
+  it "creates a new document with the correct attributes" do
+    ldap_client_mock.should_receive(:add).with(
+      dn: "cn=halfinney,ou=kosmos.org,cn=users,dc=kosmos,dc=org",
+      attributes: {
+        objectclass: ["top", "account", "person", "extensibleObject"],
+        cn: "halfinney",
+        sn: "halfinney",
+        uid: "halfinney",
+        mail: "halfinney@example.com",
+        userPassword: "remember-remember-the-5th-of-november"
+      }
+    )
+
+    perform_enqueued_jobs { job }
+  end
+
+  after do
+    clear_enqueued_jobs
+    clear_performed_jobs
+  end
+end

spec/jobs/exchange_xmpp_contacts_job_spec.rb

@@ -0,0 +1,29 @@
+require 'rails_helper'
+require 'webmock/rspec'
+
+RSpec.describe ExchangeXmppContactsJob, type: :job do
+  let(:user) { create :user, cn: "willherschel", ou: "kosmos.org" }
+
+  subject(:job) {
+    described_class.perform_later(user, 'isaacnewton', 'kosmos.org')
+  }
+
+  before do
+    stub_request(:post, "http://xmpp.example.com/api/add_rosteritem")
+      .to_return(status: 200, body: "", headers: {})
+  end
+
+  it "posts add_rosteritem commands to the ejabberd API" do
+    perform_enqueued_jobs { job }
+
+    expect(WebMock).to have_requested(:post, "http://xmpp.example.com/api/add_rosteritem")
+      .with { |req| req.body == '{"localuser":"isaacnewton","localhost":"kosmos.org","user":"willherschel","host":"kosmos.org","nick":"willherschel","group":"Friends","subs":"both"}' }
+    expect(WebMock).to have_requested(:post, "http://xmpp.example.com/api/add_rosteritem")
+      .with { |req| req.body == '{"localuser":"willherschel","localhost":"kosmos.org","user":"isaacnewton","host":"kosmos.org","nick":"isaacnewton","group":"Friends","subs":"both"}' }
+  end
+
+  after do
+    clear_enqueued_jobs
+    clear_performed_jobs
+  end
+end

spec/models/donation_spec.rb

@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe Donation, type: :model do
+  pending "add some examples to (or delete) #{__FILE__}"
+end

spec/rails_helper.rb

@@ -69,5 +69,6 @@ RSpec.configure do |config|
   config.include Devise::Test::ControllerHelpers, :type => :controller
   config.include Warden::Test::Helpers
   config.include FactoryBot::Syntax::Methods
+  config.include ActiveJob::TestHelper, type: :job
   config.extend ControllerMacros, :type => :controller
 end

spec/services/create_account_spec.rb

@@ -1,33 +1,95 @@
 require 'rails_helper'
 
 RSpec.describe CreateAccount, type: :model do
-  let(:ldap_client_mock) { instance_double(Net::LDAP) }
+  describe "#create_user_in_database" do
+    let(:service) { CreateAccount.new(
+      username: 'isaacnewton',
+      email: 'isaacnewton@example.com',
+      password: 'bright-ideas-in-autumn'
+    )}
 
-  before do
-    allow(service).to receive(:ldap_client).and_return(ldap_client_mock)
+    it "creates a new user record in the akkounts database" do
+      expect(User.count).to eq(0)
+      service.send(:create_user_in_database)
+      expect(User.count).to eq(1)
+      expect(User.last.cn).to eq("isaacnewton")
+      expect(User.last.email).to eq("isaacnewton@example.com")
+    end
+  end
+
+  describe "#update_invitation" do
+    let(:invitation) { create :invitation }
+    let(:service) { CreateAccount.new(
+      username: 'isaacnewton',
+      email: 'isaacnewton@example.com',
+      password: 'bright-ideas-in-autumn',
+      invitation: invitation
+    )}
+
+    before(:each) do
+      service.send(:update_invitation, 23)
+    end
+
+    it "marks the invitation as used" do
+      expect(invitation.used_at).not_to be_nil
+    end
+
+    it "saves the invited user's ID" do
+      expect(invitation.invited_user_id).to eq(23)
+    end
   end
 
   describe "#add_ldap_document" do
+    include ActiveJob::TestHelper
+
     let(:service) { CreateAccount.new(
       username: 'halfinney',
       email: 'halfinney@example.com',
       password: 'remember-remember-the-5th-of-november'
     )}
 
-    it "creates a new document with the correct attributes" do
-      expect(ldap_client_mock).to receive(:add).with(
-        dn: "cn=halfinney,ou=kosmos.org,cn=users,dc=kosmos,dc=org",
-        attributes: {
-          objectclass: ["top", "account", "person", "extensibleObject"],
-          cn: "halfinney",
-          sn: "halfinney",
-          uid: "halfinney",
-          mail: "halfinney@example.com",
-          userPassword: /^{SSHA512}.{171}=/
-        }
-      )
-
+    it "enqueues a job to create the LDAP user document" do
       service.send(:add_ldap_document)
+
+      expect(enqueued_jobs.size).to eq(1)
+
+      args = enqueued_jobs.first['arguments']
+      expect(args[0]).to eq('halfinney')
+      expect(args[1]).to eq('kosmos.org')
+      expect(args[2]).to eq('halfinney@example.com')
+      expect(args[3]).to match(/^{SSHA512}.{171}=/)
+    end
+
+    after do
+      clear_enqueued_jobs
+    end
+  end
+
+  describe "#exchange_xmpp_contacts" do
+    include ActiveJob::TestHelper
+
+    let(:inviter) { create :user, cn: "willherschel", ou: "kosmos.org" }
+    let(:invitation) { create :invitation, user: inviter }
+    let(:service) { CreateAccount.new(
+      username: 'isaacnewton',
+      email: 'isaacnewton@example.com',
+      password: 'bright-ideas-in-autumn',
+      invitation: invitation
+    )}
+
+    it "enqueues a job to exchange XMPP contacts between inviter and invitee" do
+      service.send(:exchange_xmpp_contacts)
+
+      expect(enqueued_jobs.size).to eq(1)
+
+      args = enqueued_jobs.first['arguments']
+      expect(args[0]['_aj_globalid']).to match('gid://akkounts/User')
+      expect(args[1]).to eq('isaacnewton')
+      expect(args[2]).to eq('kosmos.org')
+    end
+
+    after do
+      clear_enqueued_jobs
     end
   end
 end