Fix #4361 twitter access level check breaking facebook addition to user

Rewrite twitter access-level check

Fixed tests, still working on getting facebook up

Add heroku example to diaspora.example.yml

app/controllers/services_controller.rb

@@ -56,7 +56,7 @@ class ServicesController < ApplicationController
   end
 
   def abort_if_read_only_access
-    if omniauth_hash['provider'] == 'twitter' && twitter_header['x_access_level'] == 'read'
+    if omniauth_hash['provider'] == 'twitter' && twitter_access_level == 'read'
       flash[:error] =  I18n.t( 'services.create.read_only_access' )
       redirect_to_origin
     end
@@ -86,17 +86,13 @@ class ServicesController < ApplicationController
     request.env['omniauth.auth']
   end
 
-  def extra_hash
-    omniauth_hash['extra'] ? omniauth_hash['extra'] : {} 
-  end
-
-  def twitter_header 
-    twitter_header_present? ? extra_hash['access_token']['response']['header'] : {}
+  def twitter_access_token
+    omniauth_hash['extra']['access_token']
   end
 
   #https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema #=> normalized hash
   #https://gist.github.com/oliverbarnes/6096959 #=> hash with twitter specific extra
-  def twitter_header_present?
-    extra_hash['access_token'] && extra_hash['access_token']['response'] && extra_hash['access_token']['response']['header']
+  def twitter_access_level
+    twitter_access_token.response.header['x-access-level']
   end
 end

config/diaspora.yml.example

@@ -20,6 +20,9 @@
 ## - Replace the dots with underscores: environment_s3_enable
 ## - Upcase everything: ENVIRONMENT_S3_ENABLE
 ## - Specify lists/arrays as comma separated values
+##
+## - For example, on Heroku:
+##   heroku config:set SERVICES_FACEBOOK_APP_ID=whateeryourappid SERVICES_FACEBOOK_SECRET=whateeryourappsecret
 
 configuration: ## Section
   

spec/controllers/services_controller_spec.rb

@@ -6,7 +6,7 @@ require 'spec_helper'
 
 describe ServicesController do
   let(:omniauth_auth) do
-    { 'provider' => 'twitter',
+    { 'provider' => 'facebook',
       'uid'      => '2',
       'info'   => { 'nickname' => 'grimmin' },
       'credentials' => { 'token' => 'tokin', 'secret' =>"not_so_much" }}
@@ -37,13 +37,13 @@ describe ServicesController do
 
     it 'creates a new service and associates it with the current user' do
       expect {
-        post :create, :provider => 'twitter'
+        post :create, :provider => 'facebook'
       }.to change(user.services, :count).by(1)
     end
 
     it 'saves the provider' do
-      post :create, :provider => 'twitter'
-      user.reload.services.first.class.name.should == "Services::Twitter"
+      post :create, :provider => 'facebook'
+      user.reload.services.first.class.name.should == "Services::Facebook"
     end
 
     context 'when service exists with the same uid' do
@@ -64,15 +64,21 @@ describe ServicesController do
 
     context 'Twitter' do
       context 'when the access-level is read-only' do
+
+        let(:header) { { 'x-access-level' => 'read' } }
+        let(:access_token) { double('access_token') } 
+        let(:extra) { {'extra' => { 'access_token' => access_token }} }
+        let(:provider) { {'provider' => 'twitter'} }
+
         before do 
-          access_level_hash = { 'extra' => { 'access_token' => { 'response' => { 'header' => { 'x_access_level' => 'read' }}}}}
-          request.env['omniauth.auth'] = omniauth_auth.merge!( access_level_hash )
+          access_token.stub_chain(:response, :header).and_return header
+          request.env['omniauth.auth'] = omniauth_auth.merge!( provider).merge!( extra )
         end
 
         it 'doesnt create a new service' do
           expect {
-          post :create, :provider => 'twitter'
-        }.to_not change(Service, :count).by(1)
+            post :create, :provider => 'twitter'
+          }.to_not change(Service, :count).by(1)
         end
 
         it 'flashes an read-only access error'  do