mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-01-21 10:52:21 +01:00
fab-manager/app/controllers/api/auth_providers_controller.rb

# frozen_string_literal: true
# API Controller for resources of type AuthProvider
# AuthProviders are used to connect users through single sign-on systems
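class API::AuthProvidersController < API::ApiController
  # Load the targeted provider before the member actions that operate on one.
  before_action :set_provider, only: %i[show update destroy]

  # List the providers returned by the policy scope for AuthProvider.
  def index
    @providers = policy_scope(AuthProvider)
  end

  # Create a provider from the filtered request parameters.
  # Responds 201 with the :show template on success, 422 with the validation errors otherwise.
  def create
    authorize AuthProvider
    @provider = AuthProvider.new(provider_params)
    if @provider.save
      render :show, status: :created, location: @provider
    else
      render json: @provider.errors, status: :unprocessable_entity
    end
  end

  # Update the provider loaded by set_provider.
  # NOTE(review): here and in show/destroy the authorization is checked against the
  # AuthProvider class, not against @provider, so the policy receives no record to
  # decide on -- fine if access is role-based only; confirm against the policy.
  def update
    authorize AuthProvider
    if @provider.update(provider_params)
      render :show, status: :ok, location: @provider
    else
      render json: @provider.errors, status: :unprocessable_entity
    end
  end

  # Show the provider loaded by set_provider (rendered by the action's default view).
  def show
    authorize AuthProvider
  end

  # Delete the provider through the model's safe_destroy.
  # Responds 204 when it returns a truthy value, 422 with the model errors otherwise.
  def destroy
    authorize AuthProvider
    if @provider.safe_destroy
      head :no_content
    else
      render json: @provider.errors, status: :unprocessable_entity
    end
  end

  # Render the :mapping_fields template.
  def mapping_fields
    authorize AuthProvider
    render :mapping_fields, status: :ok
  end

  # Expose the active provider and the previous one to the view.
  def active
    authorize AuthProvider
    @provider = AuthProvider.active
    @previous = AuthProvider.previous
  end

  # Trigger the 'notify_user_auth_migration' notification for the account matching params[:email].
  # The notification is only sent when the account exists, has an auth_token, and the
  # active provider is not the local database provider.
  #
  # NOTE(review): the two 400 responses differ from the 200 response, so a caller can
  # learn whether an e-mail address belongs to an account holding an auth_token.
  # If the policy behind `authorize AuthProvider` admits unauthenticated callers for
  # this action, consider a uniform response and request throttling (none is visible
  # in this controller) -- confirm against the policy and the middleware stack.
  def send_code
    authorize AuthProvider
    user = User.find_by(email: params[:email])

    if user&.auth_token
      if AuthProvider.active.providable_type != DatabaseProvider.name
        NotificationCenter.call type: 'notify_user_auth_migration',
                                receiver: user,
                                attached_object: user
        render json: { status: 'processing' }, status: :ok
      else
        render json: { status: 'error', error: I18n.t('members.current_authentication_method_no_code') }, status: :bad_request
      end
    else
      render json: { status: 'error', error: I18n.t('members.requested_account_does_not_exists') }, status: :bad_request
    end
  end

  private

  # Load the provider designated by params[:id].
  def set_provider
    @provider = AuthProvider.find(params[:id])
  end

  # Strong-parameters filter; the permitted attributes depend on the requested providable_type.
  #
  # Only the two known providable types are accepted. Any other value (or a missing /
  # malformed auth_provider payload) is rejected explicitly: previously a missing
  # payload raised NoMethodError on nil, and an unknown type made this method return
  # nil, which was then handed to AuthProvider.new / @provider.update.
  #
  # NOTE(review): client_secret is a credential accepted here; confirm that the views
  # rendering a provider and the request logs (config.filter_parameters) do not echo it.
  #
  # @raise [ActionController::ParameterMissing] when auth_provider is absent
  # @raise [ActionController::BadRequest] when providable_type is not a supported type
  def provider_params
    auth_provider = params.require(:auth_provider)
    # a scalar auth_provider value has no nested keys to read; treat it as an unknown type
    requested_type = auth_provider[:providable_type] if auth_provider.respond_to?(:permit)

    case requested_type
    when DatabaseProvider.name
      auth_provider.permit(:name, :providable_type)
    when OAuth2Provider.name
      auth_provider.permit(
        :name, :providable_type,
        providable_attributes: [
          :id, :base_url, :token_endpoint, :authorization_endpoint, :logout_endpoint,
          :profile_url, :client_id, :client_secret,
          o_auth2_mappings_attributes: [
            :id, :local_model, :local_field, :api_field,
            :api_endpoint, :api_data_type, :_destroy,
            transformation: [:type, :format, :true_value, :false_value, mapping: %i[from to]]
          ]
        ]
      )
    else
      raise ActionController::BadRequest, 'unsupported providable_type'
    end
  end
end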