nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

kill your darlings; remove diaspora_client with fire

Browse source
This commit is contained in:
Maxwell Salzberg 2012-05-16 18:55:08 -07:00
parent 69d81951a5
commit 471ce309ea
28 changed files with 120 additions and 1014 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
Gemfile
View file

@ -6,10 +6,11 @@ ruby '1.9.3' if ENV['HEROKU']
gem 'rails', '3.2.2'
gem 'foreman', '0.41'
gem 'whenever'
gem 'whenever' #why is this in the bundle
gem 'rails_autolink'
gem 'thin', '~> 1.3.1', :require => false
gem 'thin', '~> 1.3.1', :require => false #why is this here?
# cross-origin resource sharing
@ -18,8 +19,7 @@ gem 'rack-cors', '~> 0.2.4', :require => 'rack/cors'
# authentication
gem 'devise', '1.5.3'
gem 'jwt'
gem 'oauth2-provider', '0.0.19'
gem 'remotipart', '~> 1.0'
gem 'omniauth', '1.0.3'
@ -90,6 +90,7 @@ gem 'resque', '1.20.0'
gem 'resque-timeout', '1.0.0'
gem 'SystemTimer', '1.2.3', :platforms => :ruby_18
gem 'rest-client' #why, need to switch to faraday
# tags
gem 'acts-as-taggable-on', '~> 2.2.2'
@ -148,11 +149,9 @@ group :test do
gem 'database_cleaner', '0.7.1'
gem 'timecop'
#"0.1.0", #:path => '~/workspace/diaspora-client'
gem 'factory_girl_rails', '1.7.0'
gem 'fixture_builder', '0.3.3'
gem 'fuubar', '>= 1.0'
gem 'mongrel', :require => false, :platforms => :ruby_18
gem 'rspec', '>= 2.0.0'
gem 'rspec-core', '~> 2.9.0'
gem 'rspec-instafail', '>= 0.1.7', :require => false
@ -167,6 +166,9 @@ group :test do
gem 'guard-rspec'
gem 'guard-spork'
gem 'guard-cucumber'
gem 'mongrel', :require => false, :platforms => :ruby_18 #why
end
group :test, :development do

38
Gemfile.lock
View file

@ -13,20 +13,6 @@ GIT
specs:
settingslogic (2.0.8)
GIT
remote: git://github.com/diaspora/diaspora-client.git
revision: 86bd398a60320e06d9b8f9c865955dfe2df851db
specs:
diaspora-client (0.1.3.1)
activerecord
em-http-request
em-synchrony
faraday
jwt (>= 0.1.3)
oauth2 (= 0.5.0)
rack-fiber_pool
sinatra
GIT
remote: git://github.com/pivotal/jasmine-gem.git
revision: 1e075fbf5a69812fcc914c453f002ecf5bed38ab
@ -120,7 +106,6 @@ GEM
execjs
coffee-script-source (1.3.2)
columnize (0.3.6)
cookiejar (0.3.0)
crack (0.3.1)
cucumber (1.2.0)
builder (>= 2.1.2)
@ -145,16 +130,6 @@ GEM
orm_adapter (~> 0.0.3)
warden (~> 1.1)
diff-lcs (1.1.3)
em-http-request (1.0.2)
addressable (>= 2.2.3)
cookiejar
em-socksify
eventmachine (>= 1.0.0.beta.4)
http_parser.rb (>= 0.5.3)
em-socksify (0.2.0)
eventmachine (>= 1.0.0.beta.4)
em-synchrony (1.0.0)
eventmachine (>= 1.0.0.beta.1)
erubis (2.7.0)
eventmachine (1.0.0.beta.4)
excon (0.13.4)
@ -236,7 +211,6 @@ GEM
hodel_3000_compliant_logger (0.1.0)
hpricot (0.8.6)
http_accept_language (1.0.2)
http_parser.rb (0.5.3)
i18n (0.6.0)
i18n-inflector (2.6.6)
i18n (>= 0.4.1)
@ -253,8 +227,6 @@ GEM
jquery-rails
railties (>= 3.1.0)
json (1.7.3)
jwt (0.1.4)
json (>= 1.2.4)
kaminari (0.13.0)
actionpack (>= 3.0.0)
activesupport (>= 3.0.0)
@ -301,9 +273,6 @@ GEM
oauth2 (0.5.0)
faraday (>= 0.6.1, < 0.8)
multi_json (~> 1.0.0)
oauth2-provider (0.0.19)
activesupport (~> 3.0)
addressable (~> 2.2)
oink (0.9.3)
activerecord
hodel_3000_compliant_logger
@ -333,7 +302,6 @@ GEM
rack (>= 0.4)
rack-cors (0.2.6)
rack
rack-fiber_pool (0.9.2)
rack-mobile-detect (0.3.0)
rack
rack-piwik (0.1.2)
@ -510,8 +478,6 @@ DEPENDENCIES
database_cleaner (= 0.7.1)
debugger
devise (= 1.5.3)
diaspora-client!
em-synchrony (= 1.0.0)
factory_girl_rails (= 1.7.0)
faraday
faraday_middleware
@ -534,7 +500,6 @@ DEPENDENCIES
jasmine!
jquery-rails
json
jwt
linecache (= 0.46)
markerb (~> 1.0.0)
messagebus_ruby_api (= 1.0.3)
@ -545,7 +510,6 @@ DEPENDENCIES
mysql2 (= 0.3.11)
newrelic_rpm
nokogiri (= 1.5.2)
oauth2-provider (= 0.0.19)
oink
omniauth (= 1.0.3)
omniauth-facebook
@ -565,7 +529,7 @@ DEPENDENCIES
remotipart (~> 1.0)
resque (= 1.20.0)
resque-timeout (= 1.0.0)
rest-client (= 1.6.7)
rest-client
roxml!
rpm_contrib (~> 2.1.7)
rspec (>= 2.0.0)

5
app/helpers/getting_started_helper.rb
View file

@ -3,11 +3,6 @@
# the COPYRIGHT file.
module GettingStartedHelper
# @return [Boolean] The user has connected to cubbi.es
def has_connected_cubbies?
current_user.authorizations.size > 0
end
# @return [Boolean] The user has completed all steps in getting started
def has_completed_getting_started?
current_user.getting_started == false

4
app/models/account_deleter.rb
View file

@ -42,7 +42,7 @@ class AccountDeleter
#user deletions
def normal_ar_user_associates_to_delete
[:tag_followings, :authorizations, :invitations_to_me, :services, :aspects, :user_preferences, :notifications, :blocks]
[:tag_followings, :invitations_to_me, :services, :aspects, :user_preferences, :notifications, :blocks]
end
def special_ar_user_associations
@ -50,7 +50,7 @@ class AccountDeleter
end
def ignored_ar_user_associations
[:followed_tags, :invited_by, :contact_people, :applications, :aspect_memberships, :ignored_people]
[:followed_tags, :invited_by, :contact_people, :aspect_memberships, :ignored_people]
end
def delete_standard_user_associations

4
app/models/oauth2_provider_models_activerecord_authorization.rb
View file

@ -1,4 +0,0 @@
class OAuth2::Provider::Models::ActiveRecord::Authorization
validates_presence_of :resource_owner_id, :resource_owner_type
validates_uniqueness_of :client_id, :scope => :resource_owner_id
end

12
app/models/oauth2_provider_models_activerecord_client.rb
View file

@ -1,12 +0,0 @@
class OAuth2::Provider::Models::ActiveRecord::Client
def self.find_or_create_from_manifest!(manifest, pub_key)
find_by_name(manifest['name']) || self.create!(
:name => manifest["name"],
:permissions_overview => manifest["permissions_overview"],
:description => manifest["description"],
:application_base_url => manifest["application_base_url"],
:icon_url => manifest["icon_url"],
:public_key => pub_key.export
)
end
end

2
app/models/user.rb
View file

@ -59,8 +59,6 @@ class User < ActiveRecord::Base
has_many :notifications, :foreign_key => :recipient_id
has_many :authorizations, :class_name => 'OAuth2::Provider::Models::ActiveRecord::Authorization', :foreign_key => :resource_owner_id
has_many :applications, :through => :authorizations, :source => :client
before_save :guard_unconfirmed_email,
:save_person!

31
app/views/apps/show.html.haml
View file

@ -1,31 +0,0 @@
-# Copyright (c) 2010-2011, Diaspora Inc. This file is
-# licensed under the Affero General Public License version 3 or later. See
-# the COPYRIGHT file.
- content_for :page_title do
= "everything happening from #{@app}"
- content_for :head do
= javascript_include_tag :home
- content_for :body_class do
= "apps_show"
- content_for :break_the_mold do
= "width:100%;"
%h1
= "#{@app}"
#main_stream.stream.canvas
- if @posts.length > 0
- for post in @posts
.image-element.stream_element
.hold-me
= link_to(image_tag(post.image_url), post_path(post))
.via
= post.author.name
.time{:integer => post.created_at.to_i}
#pagination
=link_to(t('more'), next_page_path, :class => 'paginate')

27
app/views/authorizations/index.html.haml
View file

@ -1,27 +0,0 @@
-# Copyright (c) 2010-2011, Diaspora Inc. This file is
-# licensed under the Affero General Public License version 3 or later. See
-# the COPYRIGHT file.
#section_header
%h2
= t('settings')
= render 'shared/settings_nav'
.span-19.prepend-5.last
#applications_stream.stream
-if @applications.any?
- @applications.each do |app|
.stream_element{:id => app.id}
.float-right
= link_to t('.revoke_access'), authorization_path(:id => app.id), :method => :delete, :confirm => 'are you sure?', :class => "button"
.media
- if app.icon_url
.img
= image_tag(app.application_base_url + app.icon_url, :class => "avatar")
.bd
%div.from
= link_to app.name, app.application_base_url
= app.description
- else
= t('.no_applications')

24
app/views/authorizations/index.mobile.haml
View file

@ -1,24 +0,0 @@
-# Copyright (c) 2010-2011, Diaspora Inc. This file is
-# licensed under the Affero General Public License version 3 or later. See
-# the COPYRIGHT file.
%h3
= t('_applications')
#applications_stream.stream
- if @applications.count > 0
- for app in @applications
.stream_element{:id => app.id}
.right
= link_to t('.revoke_access'), authorization_path(:id => app.id), :method => :delete, :confirm => 'are you sure?', :class => "button"
- if app.icon_url
= image_tag(app.application_base_url + app.icon_url, :class => "avatar")
.content
%div.from
= link_to app.name, app.application_base_url
= app.description
- else
= t('.no_applications')
%br

42
app/views/authorizations/new.html.haml
View file

@ -1,42 +0,0 @@
#authorize
#application-description
= image_tag(@client.application_base_url + @client.icon_url, :id => 'client-application-image')
%br
%strong
= @client.name
.description
= @client.description
%h2
= @client.permissions_overview
%ul#requested-scopes
- @requested_scopes.each do |scope|
- if scope == "profile"
%li
.scope-photo
= owner_image_tag
.scope-description
%strong
Basic Info
%br
Cubbies will be able to see your name, profile photo, and other basic profile information.
- elsif scope == "AS_photo:post"
%li
.scope-photo
= image_tag('/assets/icons/photo.png', :title => t('.cubbies_will'))
.scope-description
%strong
Your Photos
%br
Cubbies will be able to post photos on your behalf
= form_for :authorization,
:url => oauth_authorize_path(params.slice(:redirect_uri, :client_id, :client_secret)) do |form|
%br
%p
= form.submit "Fuck Yeah!", :value => t('.authorize'), :class => 'button', :name => "confirm"
= form.submit "Hell No.", :value => t('.nope'), :class => 'button', :name => "cancel"

1
app/views/shared/_settings_nav.haml
View file

@ -3,4 +3,3 @@
%li= link_to_unless_current t('account'), edit_user_path
%li= link_to_unless_current t('privacy'), privacy_settings_path
%li= link_to_unless_current t('_services'), services_path
%li= link_to_unless_current t('_applications'), authorizations_path

42
app/views/tokens/show.html.haml
View file

@ -1,42 +0,0 @@
- content_for :page_title do
= t('.connect_to_cubbies')
.span-24.last{:style => "position:relative;"}
.right{:style => 'z-index:10;'}
= link_to t('.sign_up_today'), 'http://cubbi.es', :class => "button sign_up"
%h1
= t('.connect_to_cubbies')
%h3
= t('.what_is_cubbies')
%br
= t('.love_to_try')
%hr
.cubbies_infographic.span-24{:style => "text-align:left;position:relative;"}
= image_tag 'cubbies_screenshot2.png', :height => 452, :width => 600, :class => "cubbies_screenshot"
= image_tag 'cubbies_collage.png', :class => "cubbies_collage"
.span-24.last{:style => "text-align:right;"}
%p.subtle
!= t('.screenshot_explanation', :link1 => link_to(t('.typical_userpage'), "http://cubbi.es/daniel"), :link2 => link_to(t('.daniels_account'), "https://joindiaspora.com/u/daniel"))
%br
%hr
%br
.span-24.last
%h2
= t('.making_the_connection')
%br
.span-24.last
.span-10
= image_tag 'connect_services.png', :class => "cubbies-settings-image"
%div.subtle
!= t('.via', :link => link_to('http://cubbi.es/users/edit', 'http://cubbi.es/users/edit'))
.span-12.last
%h3
!= t('.connecting_is_simple', :diaspora_id => current_user.diaspora_handle, :href_link => 'http://cubbi.es/users/edit')

57
db/migrate/20120517014034_remove_oauth.rb Normal file
View file

@ -0,0 +1,57 @@
class RemoveOauth < ActiveRecord::Migration
def up
drop_table 'oauth_access_tokens'
drop_table "oauth_authorization_codes"
drop_table "oauth_authorizations"
drop_table "oauth_clients"
end
def down
create_table "oauth_access_tokens", :force => true do |t|
t.integer "authorization_id", :null => false
t.string "access_token", :limit => 127, :null => false
t.string "refresh_token", :limit => 127
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "oauth_authorization_codes", :force => true do |t|
t.integer "authorization_id", :null => false
t.string "code", :limit => 127, :null => false
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
t.string "redirect_uri"
end
create_table "oauth_authorizations", :force => true do |t|
t.integer "client_id", :null => false
t.integer "resource_owner_id"
t.string "resource_owner_type", :limit => 32
t.string "scope"
t.datetime "expires_at"
end
add_index "oauth_authorizations", ["resource_owner_id", "resource_owner_type", "client_id"], :name => "index_oauth_authorizations_on_resource_owner_and_client_id", :unique => true
create_table "oauth_clients", :force => true do |t|
t.string "name", :limit => 127, :null => false
t.text "description", :null => false
t.string "application_base_url", :limit => 127, :null => false
t.string "icon_url", :limit => 127, :null => false
t.string "oauth_identifier", :limit => 127, :null => false
t.string "oauth_secret", :limit => 127, :null => false
t.string "nonce", :limit => 127
t.text "public_key", :null => false
t.text "permissions_overview", :null => false
t.string "oauth_redirect_uri"
end
add_index "oauth_clients", ["application_base_url"], :name => "index_oauth_clients_on_application_base_url", :unique => true
add_index "oauth_clients", ["name"], :name => "index_oauth_clients_on_name", :unique => true
add_index "oauth_clients", ["nonce"], :name => "index_oauth_clients_on_nonce", :unique => true
end
end

153
db/schema.rb
View file

@ -11,7 +11,7 @@
#
# It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20120510184853) do
ActiveRecord::Schema.define(:version => 20120517014034) do
create_table "account_deletions", :force => true do |t|
t.string "diaspora_handle"
@ -21,8 +21,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "aspect_memberships", :force => true do |t|
t.integer "aspect_id", :null => false
t.integer "contact_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "aspect_memberships", ["aspect_id", "contact_id"], :name => "index_aspect_memberships_on_aspect_id_and_contact_id", :unique => true
@ -32,8 +32,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "aspect_visibilities", :force => true do |t|
t.integer "shareable_id", :null => false
t.integer "aspect_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "shareable_type", :default => "Post", :null => false
end
@ -44,8 +44,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "aspects", :force => true do |t|
t.string "name", :null => false
t.integer "user_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.boolean "contacts_visible", :default => true, :null => false
t.integer "order_id"
end
@ -65,8 +65,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.string "guid", :null => false
t.text "author_signature"
t.text "parent_author_signature"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.integer "likes_count", :default => 0, :null => false
t.string "commentable_type", :limit => 60, :default => "Post", :null => false
end
@ -78,8 +78,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "contacts", :force => true do |t|
t.integer "user_id", :null => false
t.integer "person_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.boolean "sharing", :default => false, :null => false
t.boolean "receiving", :default => false, :null => false
end
@ -91,8 +91,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.integer "conversation_id", :null => false
t.integer "person_id", :null => false
t.integer "unread", :default => 0, :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "conversation_visibilities", ["conversation_id", "person_id"], :name => "index_conversation_visibilities_usefully", :unique => true
@ -103,18 +103,16 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.string "subject"
t.string "guid", :null => false
t.integer "author_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "conversations", ["author_id"], :name => "conversations_author_id_fk"
create_table "invitation_codes", :force => true do |t|
t.string "token"
t.integer "user_id"
t.integer "count"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
create_table "invitations", :force => true do |t|
@ -122,8 +120,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.integer "sender_id"
t.integer "recipient_id"
t.integer "aspect_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "service"
t.string "identifier"
t.boolean "admin", :default => false
@ -141,12 +139,11 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.string "guid"
t.text "author_signature"
t.text "parent_author_signature"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "target_type", :limit => 60, :null => false
end
add_index "likes", ["author_id"], :name => "likes_author_id_fk"
add_index "likes", ["guid"], :name => "index_likes_on_guid", :unique => true
add_index "likes", ["target_id", "author_id", "target_type"], :name => "index_likes_on_target_id_and_author_id_and_target_type", :unique => true
add_index "likes", ["target_id"], :name => "index_likes_on_post_id"
@ -165,20 +162,19 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.integer "author_id", :null => false
t.string "guid", :null => false
t.text "text", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.text "author_signature"
t.text "parent_author_signature"
end
add_index "messages", ["author_id"], :name => "index_messages_on_author_id"
add_index "messages", ["conversation_id"], :name => "messages_conversation_id_fk"
create_table "notification_actors", :force => true do |t|
t.integer "notification_id"
t.integer "person_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "notification_actors", ["notification_id", "person_id"], :name => "index_notification_actors_on_notification_id_and_person_id", :unique => true
@ -190,8 +186,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.integer "target_id"
t.integer "recipient_id", :null => false
t.boolean "unread", :default => true, :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "type"
end
@ -204,52 +200,7 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.text "data", :null => false
end
add_index "o_embed_caches", ["url"], :name => "index_o_embed_caches_on_url", :length => {"url"=>255}
create_table "oauth_access_tokens", :force => true do |t|
t.integer "authorization_id", :null => false
t.string "access_token", :limit => 127, :null => false
t.string "refresh_token", :limit => 127
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "oauth_authorization_codes", :force => true do |t|
t.integer "authorization_id", :null => false
t.string "code", :limit => 127, :null => false
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
t.string "redirect_uri"
end
create_table "oauth_authorizations", :force => true do |t|
t.integer "client_id", :null => false
t.integer "resource_owner_id"
t.string "resource_owner_type", :limit => 32
t.string "scope"
t.datetime "expires_at"
end
add_index "oauth_authorizations", ["resource_owner_id", "resource_owner_type", "client_id"], :name => "index_oauth_authorizations_on_resource_owner_and_client_id", :unique => true
create_table "oauth_clients", :force => true do |t|
t.string "name", :limit => 127, :null => false
t.text "description", :null => false
t.string "application_base_url", :limit => 127, :null => false
t.string "icon_url", :limit => 127, :null => false
t.string "oauth_identifier", :limit => 127, :null => false
t.string "oauth_secret", :limit => 127, :null => false
t.string "nonce", :limit => 127
t.text "public_key", :null => false
t.text "permissions_overview", :null => false
t.string "oauth_redirect_uri"
end
add_index "oauth_clients", ["application_base_url"], :name => "index_oauth_clients_on_application_base_url", :unique => true
add_index "oauth_clients", ["name"], :name => "index_oauth_clients_on_name", :unique => true
add_index "oauth_clients", ["nonce"], :name => "index_oauth_clients_on_nonce", :unique => true
add_index "o_embed_caches", ["url"], :name => "index_o_embed_caches_on_url"
create_table "participations", :force => true do |t|
t.string "guid"
@ -258,8 +209,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.integer "author_id"
t.text "author_signature"
t.text "parent_author_signature"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "participations", ["guid"], :name => "index_participations_on_guid"
@ -271,8 +222,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.string "diaspora_handle", :null => false
t.text "serialized_public_key", :null => false
t.integer "owner_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.boolean "closed_account", :default => false
end
@ -306,8 +257,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "pods", :force => true do |t|
t.string "host"
t.boolean "ssl"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
create_table "posts", :force => true do |t|
@ -322,8 +273,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.string "remote_photo_name"
t.string "random_string"
t.string "processed_image"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "unprocessed_image"
t.string "object_url"
t.string "image_url"
@ -364,8 +315,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.text "bio"
t.boolean "searchable", :default => true, :null => false
t.integer "person_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "location"
t.string "full_name", :limit => 70
t.boolean "nsfw", :default => false
@ -383,8 +334,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.string "table"
t.integer "month", :limit => 2
t.integer "year", :limit => 8
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "rails_admin_histories", ["item", "table", "month", "year"], :name => "index_rails_admin_histories"
@ -392,8 +343,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "roles", :force => true do |t|
t.integer "person_id"
t.string "name"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
create_table "services", :force => true do |t|
@ -403,8 +354,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.string "access_token"
t.string "access_secret"
t.string "nickname"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "services", ["type", "uid"], :name => "index_services_on_type_and_uid"
@ -412,8 +363,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "share_visibilities", :force => true do |t|
t.integer "shareable_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.boolean "hidden", :default => false, :null => false
t.integer "contact_id", :null => false
t.string "shareable_type", :limit => 60, :default => "Post", :null => false
@ -427,8 +378,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "tag_followings", :force => true do |t|
t.integer "tag_id", :null => false
t.integer "user_id", :null => false
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
add_index "tag_followings", ["tag_id", "user_id"], :name => "index_tag_followings_on_tag_id_and_user_id", :unique => true
@ -459,8 +410,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
create_table "user_preferences", :force => true do |t|
t.string "email_type"
t.integer "user_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
end
create_table "users", :force => true do |t|
@ -481,8 +432,8 @@ ActiveRecord::Schema.define(:version => 20120510184853) do
t.datetime "last_sign_in_at"
t.string "current_sign_in_ip"
t.string "last_sign_in_ip"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "invitation_service", :limit => 127
t.string "invitation_identifier", :limit => 127
t.integer "invitation_limit"

120
features/oauth.feature
View file

@ -1,120 +0,0 @@
@wip @javascript @oauth-group
Feature: oauth
Exchanging oauth credentials
Background:
Given Chubbies has been killed
And Chubbies is running
And I visit "/reset" on Chubbies
And a user with username "bob" and password "secret"
Scenario: Authorize Chubbies
When I try to authorize Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should see my "profile.birthday"
And I should see my "name"
Scenario: Signup+login (Diaspora Connect) with Chubbies
When I visit "/reset" on Chubbies
And I should have 0 user on Chubbies
And I try to authorize Chubbies
And I press "Authorize"
Then I should be on "/account" on Chubbies
And I should have 1 user on Chubbies
Scenario: Signing up as a user while someone else is logged into Diaspora
When I change the app_host to Diaspora
Given a user with username "alice"
When I sign in as "alice@alice.alice"
Then I visit "/new" on Chubbies
And I fill in "Diaspora ID" with "bob@localhost:9887"
And I press "Connect to Diaspora"
Then I should be on the new user session page
And the "Username" field within "#user_new" should contain "bob"
Scenario: Not authorize Chubbies
When I try to authorize Chubbies
When I press "No"
Then I should be on "/account" on Chubbies
And I should have 0 user on Chubbies
Scenario: Authorize Chubbies when Chubbies is already connected
Given Chubbies is registered on my pod
When I try to authorize Chubbies
And there is only one Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should see my "profile.birthday"
And I should see my "name"
Scenario: Authorize Chubbies when the pod knows about Chubbies
Given Chubbies is registered on my pod
When I try to authorize Chubbies
And I visit "/reset" on Chubbies
And I change the app_host to Diaspora
And I go to the destroy user session page
When I try to authorize Chubbies
And there is only one Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should see my "profile.birthday"
And I should see my "name"
Scenario: Authorize Chubbies should place it on the authorized applications page
When I try to authorize Chubbies
When I press "Authorize"
And I change the app_host to Diaspora
And I am on the authorizations page
Then I should see "Chubbies"
And I should see "The best way to chub."
Scenario: Removing Chubbies from the authorized applications list de-authorizes it
When I try to authorize Chubbies
When I press "Authorize"
And I change the app_host to Diaspora
And I am on the authorizations page
And I preemptively confirm the alert
And I follow "Revoke Access"
Then I visit "/account?id=1" on Chubbies
Then I should see "Token invalid"
Scenario: Re-registering a client if the client recognizes the diaspora pod but the diaspora pod has since been reset
Given Chubbies is registered on my pod
And I remove all traces of Chubbies on the pod
When I try to authorize Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should see my "profile.birthday"
And I should see my "name"
Scenario: Login in with Chubbies when you already authorized it
Given Chubbies is registered on my pod
And I should have 0 user on Chubbies
When I try to authorize Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should have 1 user on Chubbies
Then I visit "/new" on Chubbies
And I fill in my Diaspora ID to connect
And I press "Connect to Diaspora"
Then I should be on "/account" on Chubbies
And I should have 1 user on Chubbies
When I change the app_host to Diaspora

119
features/step_definitions/oauth_steps.rb
View file

@ -1,119 +0,0 @@
Given /^Chubbies is running$/ do
Chubbies.run unless Chubbies.running?
end
Given /^Chubbies has been killed$/ do
Chubbies.kill
end
Given /^Chubbies is registered on my pod$/ do
packaged_manifest = JSON.parse(RestClient.get("localhost:#{Chubbies::PORT}/manifest.json").body)
public_key = OpenSSL::PKey::RSA.new(packaged_manifest['public_key'])
manifest = JWT.decode(packaged_manifest['jwt'], public_key)
client = OAuth2::Provider.client_class.find_or_create_from_manifest!(manifest, public_key)
params = {:client_id => client.oauth_identifier,
:client_secret => client.oauth_secret,
:host => "localhost:9887"}
RestClient.post("localhost:#{Chubbies::PORT}/register", params)
end
And /^I should see my "([^"]+)"/ do |code|
page.should have_content(@me.person.instance_eval(code).to_s)
end
And /^there is only one Chubbies$/ do
OAuth2::Provider.client_class.where(:name => "Chubbies").count.should == 1
end
And /^I remove all traces of Chubbies on the pod$/ do
OAuth2::Provider.client_class.destroy_all
end
When /^I try to authorize Chubbies$/ do
# We need to reset the tokens saved in Chubbies,
# as we are clearing the Diaspora DB every scenario
step 'I visit "/new" on Chubbies'
###
step "I fill in my Diaspora ID to connect"
step 'I press "Connect to Diaspora"'
step 'I should be on the new user session page'
step "I fill in \"Username\" with \"#{@me.username}\""
step "I fill in \"Password\" with \"#{@me.password}\""
step 'I press "Sign in"'
step 'I should be on the oauth authorize page'
step 'I should see "Chubbies"'
step 'I should see "The best way to chub."'
end
And /^I fill in my Diaspora ID to connect$/ do
step "I fill in \"Diaspora ID\" with \"#{@me.diaspora_handle}\""
end
And /^I should have (\d) user on Chubbies$/ do |num|
step "I visit \"/user_count\" on Chubbies"
step "I should see \"#{num}\""
end
When /^I visit "([^"]+)" on Chubbies$/ do |path|
Capybara.app_host = "http://localhost:#{Chubbies::PORT}"
visit(path)
end
When /^I change the app_host to Diaspora$/ do
Capybara.app_host = "http://localhost:9887"
end
class Chubbies
PORT = 9292
def self.run
@pid = fork do
Process.exec "cd #{Rails.root}/spec/chubbies/ && bundle exec #{run_command} #{nullify}"
end
at_exit do
Chubbies.kill
end
while(!running?) do
sleep(1)
end
end
def self.nullify
"2> /dev/null > /dev/null"
end
def self.kill
pid = self.get_pid
`kill -9 #{pid}` if pid.present?
end
def self.running?
begin
begin
RestClient.get("localhost:#{PORT}/running")
rescue RestClient::ResourceNotFound
end
true
rescue Errno::ECONNREFUSED, Errno::ECONNRESET
false
end
end
def self.run_command
"rackup -p #{PORT}"
end
def self.get_pid
processes = `ps ax -o pid,command | grep "#{run_command}"`.split("\n")
processes = processes.select{|p| !p.include?("grep") }
if processes.any?
processes.first.split(" ").first
else
nil
end
end
end

5
spec/controllers/activity_streams/photos_controller_spec.rb
View file

@ -1,5 +0,0 @@
require 'spec_helper'
describe ActivityStreams::PhotosController do
end

8
spec/controllers/apis_controller_spec.rb
View file

@ -1,8 +0,0 @@
# Copyright (c) 2010-2011, Diaspora Inc. This file is
# licensed under the Affero General Public License version 3 or later. See
# the COPYRIGHT file.
require 'spec_helper'
describe ApisController do
end

13
spec/controllers/apps_controller_spec.rb
View file

@ -1,13 +0,0 @@
require 'spec_helper'
describe AppsController do
describe '#show' do
it 'works as long as you pass something as id' do
Factory(:activity_streams_photo)
get :show, :id => 'cubbies'
response.should be_success
end
end
end

274
spec/controllers/authorizations_controller_spec.rb
View file

@ -1,274 +0,0 @@
# Copyright (c) 2010-2011, Diaspora Inc. This file is
# licensed under the Affero General Public License version 3 or later. See
# the COPYRIGHT file.
require 'spec_helper'
describe AuthorizationsController do
RSA = OpenSSL::PKey::RSA
before :all do
@private_key = RSA.generate(2048)
@public_key = @private_key.public_key
end
before do
sign_in :user, alice
@controller.stub(:current_user).and_return(alice)
@time = Time.now
Time.stub(:now).and_return(@time)
@nonce = 'asdfsfasf'
@signed_string = ["http://chubbi.es/",'http://pod.pod',"#{Time.now.to_i}", @nonce].join(';')
@signature = @private_key.sign(OpenSSL::Digest::SHA256.new, @signed_string)
@manifest = {
"name" => "Chubbies",
"description" => "The best way to chub.",
"application_base_url" => "http://chubbi.es/",
"icon_url" => "#",
"permissions_overview" => "I will use the permissions this way!",
}
end
describe '#new' do
before do
@app = Factory(:app, :name => "Authorized App")
@params = {
:scope => "profile",
:redirect_uri => @manifest['application_base_url'] << '/callback',
:client_id => @app.oauth_identifier,
:uid => alice.username
}
end
it 'succeeds' do
get :new, @params
response.should be_success
end
it 'logs out the signed in user if a different username is passed' do
@params[:uid] = bob.username
get :new, @params
response.location.should include(oauth_authorize_path)
end
it 'it succeeds if no uid is passed' do
@params[:uid] = nil
get :new, @params
response.should be_success
end
end
describe '#token' do
before do
packaged_manifest = {:public_key => @public_key.export, :jwt => JWT.encode(@manifest, @private_key, "RS256")}.to_json
stub_request(:get, "http://chubbi.es/manifest.json").
to_return(:status => 200, :body => packaged_manifest, :headers => {})
@params_hash = {:type => 'client_associate', :signed_string => Base64.encode64(@signed_string), :signature => Base64.encode64(@signature)}
end
context 'special casing (temporary, read note in the controller)' do
def prepare_manifest(url)
manifest = {
"name" => "Chubbies",
"description" => "The best way to chub.",
"application_base_url" => url,
"icon_url" => "#",
"permissions_overview" => "I will use the permissions this way!",
}
packaged_manifest = {:public_key => @public_key.export, :jwt => JWT.encode(manifest, @private_key, "RS256")}.to_json
stub_request(:get, "#{url}manifest.json").
to_return(:status => 200, :body => packaged_manifest, :headers => {})
@signed_string = [url,'http://pod.pod',"#{Time.now.to_i}", @nonce].join(';')
@signature = @private_key.sign(OpenSSL::Digest::SHA256.new, @signed_string)
@params_hash = {:type => 'client_associate', :signed_string => Base64.encode64(@signed_string), :signature => Base64.encode64(@signature)}
end
it 'renders something for chubbies ' do
prepare_manifest("http://chubbi.es/")
@controller.stub!(:verify).and_return('ok')
post :token, @params_hash
response.code.should == "200"
end
it 'renders something for cubbies ' do
prepare_manifest("http://cubbi.es/")
@controller.stub!(:verify).and_return('ok')
post :token, @params_hash
response.code.should == "200"
end
it 'renders something for cubbies ' do
prepare_manifest("https://www.cubbi.es:443/")
@controller.stub!(:verify).and_return('ok')
post :token, @params_hash
response.code.should == "200"
end
it 'renders something for localhost' do
prepare_manifest("http://localhost:3423/")
@controller.stub!(:verify).and_return('ok')
post :token, @params_hash
response.code.should == "200"
end
it 'renders nothing for myspace' do
prepare_manifest("http://myspace.com")
@controller.stub!(:verify).and_return('ok')
post :token, @params_hash
response.code.should == "403"
response.body.should include("http://myspace.com")
end
end
it 'fetches the manifest' do
@controller.stub!(:verify).and_return('ok')
post :token, @params_hash
end
it 'creates a client application' do
@controller.stub!(:verify).and_return('ok')
lambda {
post :token, @params_hash
}.should change(OAuth2::Provider.client_class, :count).by(1)
end
it 'does not create a client if verification fails' do
@controller.stub!(:verify).and_return('invalid signature')
lambda {
post :token, @params_hash
}.should_not change(OAuth2::Provider.client_class, :count)
end
it 'verifies the signable string validity(time,nonce,sig)' do
@controller.should_receive(:verify){|a,b,c,d|
a.should == @signed_string
b.should == @signature
c.export.should == @public_key.export
d.should == @manifest
}
post :token, @params_hash
end
end
describe "#index" do
it 'succeeds' do
get :index
response.should be_success
end
it 'succeeds on a phone' do
get :index, :format => :mobile
response.should be_success
end
it 'assigns the auth. & apps for the current user' do
app1 = Factory(:app, :name => "Authorized App")
app2 = Factory(:app, :name => "Unauthorized App")
auth = OAuth2::Provider.authorization_class.create(:client => app1, :resource_owner => alice)
OAuth2::Provider.authorization_class.create(:client => app1, :resource_owner => bob)
OAuth2::Provider.authorization_class.create(:client => app2, :resource_owner => bob)
get :index
assigns[:authorizations].should == [auth]
assigns[:applications].should == [app1]
end
end
describe "#destroy" do
before do
@app1 = Factory(:app)
@auth1 = OAuth2::Provider.authorization_class.create(:client => @app1, :resource_owner => alice)
@auth2 = OAuth2::Provider.authorization_class.create(:client => @app1, :resource_owner => bob)
end
it 'deletes an authorization' do
lambda{
delete :destroy, :id => @app1.id
}.should change(OAuth2::Provider.authorization_class, :count).by(-1)
end
end
describe '#verify' do
before do
@controller.stub!(:verify_signature)
@sig = 'sig'
end
it 'checks for valid time' do
@controller.should_receive(:valid_time?).with(@time.to_i.to_s)
@controller.verify(@signed_string, @sig, @public_key, @manifest)
end
it 'checks the signature' do
@controller.should_receive(:verify_signature).with(@signed_string, 'sig', @public_key)
@controller.verify(@signed_string, @sig, @public_key, @manifest)
end
it 'checks for valid nonce' do
@controller.should_receive(:valid_nonce?).with(@nonce)
@controller.verify(@signed_string, @sig, @public_key, @manifest)
end
it 'checks for public key' do
@controller.verify(@signed_string, @sig, RSA.new(), @manifest).should == "blank public key"
end
it 'checks consistency of app_url' do
@controller.verify(@signed_string, @sig, @public_key, @manifest.merge({"application_base_url" => "http://badsite.com/"})).
should == "the app url in the manifest (http://badsite.com/) does not match the url passed in the parameters (http://chubbi.es/)."
end
it 'checks key size' do
short_key = RSA.generate(100)
RSA.stub!(:new).and_return(short_key)
@controller.verify(@signed_string, @sig, RSA.generate(100).public_key, @manifest).
should == "key too small, use at least 2048 bits"
end
end
describe '#verify_signature' do
before do
@sig = @private_key.sign(OpenSSL::Digest::SHA256.new, @signed_string)
end
it 'returns true if the signature is valid' do
@controller.verify_signature(@signed_string, @sig, @public_key).should be_true
end
it 'returns false if the signature is invalid' do
@signed_string = "something else"
@controller.verify_signature(@signed_string, @sig, @public_key).should be_false
end
end
describe "valid_time?" do
it "returns true if time is within the last 5 minutes" do
@controller.valid_time?(@time - 4.minutes - 59.seconds).should be_true
end
it "returns false if time is not within the last 5 minutes" do
@controller.valid_time?(@time - 5.minutes - 1.seconds).should be_false
end
end
describe 'valid_nonce' do
before do
@nonce = "abc123"
Factory(:app, :nonce => @nonce)
end
it 'returns true if its a new nonce' do
@controller.valid_nonce?("lalalala").should be_true
end
it 'returns false if the nonce was already used' do
@controller.valid_nonce?(@nonce).should be_false
end
end
end

9
spec/controllers/tokens_controller_spec.rb
View file

@ -1,9 +0,0 @@
describe TokensController do
describe '#show' do
it 'succeeds' do
sign_in eve
get :show
response.should be_success
end
end
end

19
spec/factories.rb
View file

@ -180,25 +180,6 @@ FactoryGirl.define do
public true
end
factory(:app, :class => OAuth2::Provider.client_class) do
sequence(:name) { |token| "Chubbies#{token}" }
sequence(:application_base_url) { |token| "http://chubbi#{token}.es/" }
description "The best way to chub on the ne"
icon_url "/assets/chubbies48.png"
permissions_overview "I will use the permissions this way!"
sequence(:public_key) {|n| OpenSSL::PKey::RSA.new(2048) }
end
factory(:oauth_authorization, :class => OAuth2::Provider.authorization_class) do
association(:client, :factory => :app)
association(:resource_owner, :factory => :user)
end
factory(:oauth_access_token, :class => OAuth2::Provider.access_token_class) do
association(:authorization, :factory => :oauth_authorization)
end
factory(:tag, :class => ActsAsTaggableOn::Tag) do
name "partytimeexcellent"
end

11
spec/helpers/getting_started_helper_spec.rb
View file

@ -12,17 +12,6 @@ describe GettingStartedHelper do
@current_user
end
describe "#has_connected_cubbies?" do
it 'returns true if the current user has connected cubbies to their account' do
@current_user.authorizations << Factory(:oauth_authorization)
has_connected_cubbies?.should be_true
end
it 'returns false if the current user has not connected cubbies to their account' do
has_connected_cubbies?.should be_false
end
end
describe "#has_completed_getting_started?" do
it 'returns true if the current user has completed getting started' do
@current_user.getting_started = false

4
spec/integration/account_deletion_spec.rb
View file

@ -48,7 +48,6 @@ describe 'deleteing your account' do
@block = @bob2.blocks.create!(:person => eve.person)
#authorization
@authorization = Factory(:oauth_authorization, :resource_owner => @bob2)
AccountDeleter.new(@bob2.person.diaspora_handle).perform!
@bob2.reload
@ -87,9 +86,6 @@ describe 'deleteing your account' do
@bob2.contacts.should be_empty
end
it 'deletes all the authorizations' do
OAuth2::Provider.authorization_class.where(:id => @authorization.id).should be_empty
end
it "clears the account fields" do
@bob2.send(:clearable_fields).each do |field|

58
spec/integration/activity_streams/photos_controller_spec.rb
View file

@ -1,58 +0,0 @@
require 'spec_helper'
describe ActivityStreams::PhotosController do
describe '#create' do
before do
@json = JSON.parse <<JSON
{
"activity": {
"actor": {
"url":"http://cubbi.es/daniel",
"displayName":"daniel",
"objectType":"person"
},
"published":"2011-05-19T18:12:23Z",
"verb":"save",
"object": {
"objectType":"photo",
"url":"http://i658.photobucket.com/albums/uu308/R3b3lAp3/Swagger_dog.jpg",
"id":"http://i658.photobucket.com/albums/uu308/R3b3lAp3/Swagger_dog.jpg",
"image": {
"url":"http://i658.photobucket.com/albums/uu308/R3b3lAp3/Swagger_dog.jpg",
"width":637,
"height":469
}
},
"provider": {
"url":"http://cubbi.es/",
"displayName":"Cubbi.es"
}
}
}
JSON
@url = activity_streams_photos_path
end
it 'allows oauth authentication' do
token = Factory(:oauth_access_token)
post @url, @json.merge!(:oauth_token => token.access_token)
response.should be_success
end
it 'denies an invalid oauth token' do
post @url, @json.merge!(:oauth_token => "aoijgosidjg")
response.status.should == 401
response.body.should be_empty
end
it 'allows token authentication' do
bob.reset_authentication_token!
post @url, @json.merge!(:auth_token => bob.authentication_token)
response.should be_success
end
it 'correctly denies an invalid token' do
post @url, @json.merge!(:auth_token => "iudsfghpsdifugh")
response.status.should == 401
end
end
end

23
spec/models/oauth2_provider_models_activerecord_authorization_spec.rb
View file

@ -1,23 +0,0 @@
# Copyright (c) 2010-2011, Diaspora Inc. This file is
# licensed under the Affero General Public License version 3 or later. See
# the COPYRIGHT file.
require 'spec_helper'
describe OAuth2::Provider::Models::ActiveRecord::Authorization do
describe 'validations'do
before do
@client = Factory(:app)
end
it 'validates uniqueness on resource owner and client' do
OAuth2::Provider::Models::ActiveRecord::Authorization.create!(:client => @client, :resource_owner => alice)
OAuth2::Provider::Models::ActiveRecord::Authorization.new(:client => @client, :resource_owner => alice).should_not be_valid
end
it 'requires a resource owner for an authorization' do
OAuth2::Provider::Models::ActiveRecord::Authorization.new(:client => @client).should_not be_valid
end
end
end

15
spec/models/oauth2_provider_models_activerecord_client_spec.rb
View file

@ -1,15 +0,0 @@
# Copyright (c) 2010-2011, Diaspora Inc. This file is
# licensed under the Affero General Public License version 3 or later. See
# the COPYRIGHT file.
#
require 'spec_helper'
describe OAuth2::Provider::Models::ActiveRecord::Client do
describe 'validations'do
it 'validates uniqueness on identifier' do
OAuth2::Provider::Models::ActiveRecord::Client.create(:oauth_identifier => "three")
OAuth2::Provider::Models::ActiveRecord::Client.new(:oauth_identifier => "three").valid?.should be_false
end
end
end