1
0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2024-12-04 15:24:23 +01:00
fab-manager/app/models/auth_provider.rb

114 lines
3.2 KiB
Ruby
Raw Normal View History

2019-07-29 12:17:57 +02:00
# frozen_string_literal: true
2016-03-23 18:39:41 +01:00
# AuthProvider is a configuration record, storing parameters of an external Single-Sign On server
2020-03-25 10:16:47 +01:00
class AuthProvider < ApplicationRecord
2016-03-23 18:39:41 +01:00
# this is a simple stub used for database creation & configuration
class SimpleAuthProvider < Object
def providable_type
DatabaseProvider.name
end
def name
'DatabaseProvider::SimpleAuthProvider'
end
2016-03-23 18:39:41 +01:00
end
PROVIDABLE_TYPES = %w[DatabaseProvider OAuth2Provider OpenIdConnectProvider].freeze
2016-03-23 18:39:41 +01:00
belongs_to :providable, polymorphic: true, dependent: :destroy
2016-03-23 18:39:41 +01:00
accepts_nested_attributes_for :providable
has_many :auth_provider_mappings, dependent: :destroy
accepts_nested_attributes_for :auth_provider_mappings, allow_destroy: true
validates :providable_type, inclusion: { in: PROVIDABLE_TYPES }
validates :name, presence: true, uniqueness: true
validates_with UserUidMappedValidator, if: -> { %w[OAuth2Provider OpenIdConnectProvider].include?(providable_type) }
2016-03-23 18:39:41 +01:00
before_create :set_initial_state
def build_providable(params)
2016-03-23 18:39:41 +01:00
raise "Unknown providable_type: #{providable_type}" unless PROVIDABLE_TYPES.include?(providable_type)
2016-03-23 18:39:41 +01:00
self.providable = providable_type.constantize.new(params)
end
## Return the currently active provider
def self.active
local = SimpleAuthProvider.new
begin
provider = find_by(status: 'active')
return local if provider.nil?
provider
2016-03-23 18:39:41 +01:00
rescue ActiveRecord::StatementInvalid
# we fall here on database creation because the table "active_providers" still does not exists at the moment
local
2016-03-23 18:39:41 +01:00
end
end
## Return the previously active provider
def self.previous
find_by(status: 'previous')
end
2016-03-23 18:39:41 +01:00
## Get the provider matching the omniAuth strategy name
def self.from_strategy_name(strategy_name)
return SimpleAuthProvider.new if strategy_name.blank? || all.empty?
2016-03-23 18:39:41 +01:00
parsed = /^([^-]+)-(.+)$/.match(strategy_name)
ret = nil
all.find_each do |strategy|
if strategy.provider_type == parsed[1] && strategy.name.downcase.parameterize == parsed[2]
2016-03-23 18:39:41 +01:00
ret = strategy
break
end
end
ret
end
## Return the name that should be registered in OmniAuth for the corresponding strategy
def strategy_name
"#{provider_type}-#{name.downcase.parameterize}"
2016-03-23 18:39:41 +01:00
end
## Return the provider type name without the "Provider" part.
## eg. DatabaseProvider will return 'database'
def provider_type
providable_type[0..-9]&.downcase
2016-03-23 18:39:41 +01:00
end
## Return the user's profile fields that are currently managed from the SSO
## @return [Array]
def sso_fields
fields = []
auth_provider_mappings.each do |mapping|
fields.push("#{mapping.local_model}.#{mapping.local_field}")
end
fields
2016-03-23 18:39:41 +01:00
end
## Return the link the user have to follow to edit his profile on the SSO
## @return [String]
def link_to_sso_profile
providable.profile_url
end
2016-09-26 12:41:59 +02:00
def safe_destroy
if status == 'active'
2016-09-26 12:41:59 +02:00
false
else
destroy
2016-09-26 12:41:59 +02:00
end
end
2016-03-23 18:39:41 +01:00
private
2016-03-23 18:39:41 +01:00
def set_initial_state
# the initial state of a new AuthProvider will be 'pending', except if there is currently
# no providers in the database, he we will be 'active' (see seeds.rb)
self.status = 'pending' unless AuthProvider.count.zero?
2016-03-23 18:39:41 +01:00
end
end